Module vyos¶
License: ASL2.0
Version: 3.0.12
Typedefs¶
- typedef vyos::abrtype_t¶
- Base type - string
- Type constraint - (self in ['cisco', 'ibm', 'shortcut', 'standard'])
 
- typedef vyos::area¶
- Base type - number
- Type constraint - ((self >= 0) and (self < 4294967296))
 
- typedef vyos::duplex¶
- Base type - string
- Type constraint - (((self == 'auto') or (self == 'half')) or (self == 'full'))
 
- typedef vyos::ospf_metric_t¶
- Base type - number
- Type constraint - ((self > 0) and (self <= 16))
 
- typedef vyos::ospf_metric_type_t¶
- Base type - number
- Type constraint - (self in [1, 2])
 
- typedef vyos::redistribute_t¶
- Base type - string
- Type constraint - (self in ['bgp', 'connected', 'kernel', 'rip', 'static'])
 
- typedef vyos::speed¶
- Base type - string
- Type constraint - (self in ['10', '100', '1000', '2500', '10000', 'auto'])
 
- typedef vyos::tunnel_encap_t¶
- Base type - string
- Type constraint - (self in ['gre', 'gre-bridge', 'ipip', 'sit', 'ipip6', 'ip6ip6'])
 
- typedef vyos::tunnel_key_t¶
- Base type - number
- Type constraint - ((self >= 0) and (self <= 99999))
 
- typedef vyos::tunnel_mtu_t¶
- Base type - number
- Type constraint - ((self >= 64) and (self <= 8024))
 
- typedef vyos::vlan_id¶
- Base type - int
- Type constraint - ((self >= 0) and (self < 4095))
 
- typedef vyos::firewall::action_t¶
- Base type - string
- Type constraint - (self in ['accept', 'drop', 'reject'])
 
- typedef vyos::firewall::protocol_t¶
- Base type - string
- Type constraint - (self in ['tcp_udp', 'all', 'icmp', 'tcp', 'udp'])
 
- typedef vyos::routemap::rm_action_t¶
- Base type - string
- Type constraint - (self in ['permit', 'deny'])
 
- typedef vyos::vpn::auth_mode_t¶
- Base type - string
- Type constraint - (self in ['pre-shared-secret', 'rsa', 'x509'])
 
- typedef vyos::vpn::conn_type_t¶
- Base type - string
- Type constraint - (self in ['initiate', 'respond'])
 
- typedef vyos::vpn::dh_group_t¶
- Base type - string
- Type constraint - (self in [2, 5, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26])
 
- typedef vyos::vpn::encryption_t¶
- Base type - string
- Type constraint - (self in ['aes128', 'aes256', '3des'])
 
- typedef vyos::vpn::esp_mode_t¶
- Base type - string
- Type constraint - (self in ['tunnel', 'transport'])
 
- typedef vyos::vpn::hash_t¶
- Base type - string
- Type constraint - (self in ['md5', 'sha1', 'sha256', 'sha384', 'sha512'])
 
- typedef vyos::vpn::kex_t¶
- Base type - string
- Type constraint - (self in ['ikev1', 'ikev2'])
 
- typedef vyos::vpn::local_address_t¶
- Base type - string
- Type constraint - (std::validate_type('pydantic.IPvAnyAddress',self) or (self == 'any'))
 
Entities¶
- entity vyos::Address¶
- Parents: - std::Entity- An address entity to add multiple addresses to an interface - attribute std::ipv_any_interface ip¶
 - The following implements statements select implementations for this entity: - std::noneconstraint- true
 
- entity vyos::BaseHost¶
- Parents: - std::Host- A vyos (or derivative) based host. - attribute string user='inmanta'¶
 - attribute string password='inmanta'¶
 - attribute number port=22¶
 - attribute bool skip_on_connect_error=false¶
- When true, vyos resources deployed on this host will be skipped when the handler fails to connect to the host. Otherwise the resource will be marked as failed. 
 - relation vyos::Credential credential [1]¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::vyosConfigconstraint- true
- constraint - true
 
- entity vyos::BaseInterface¶
- Parents: - vyos::ConfigNode- attribute string name¶
 - attribute std::ipv_any_interface? address=null¶
 - attribute bool dhcp=false¶
 - relation vyos::Address addresses [0:*]¶
 - relation vyos::PolicyRoute policy_route [0:1]¶
- Set a policy route for this interface. 
 - relation vyos::Shaper traffic_policy_out [0:1]¶
- other end: - vyos::Shaper.interfaces_in [0:*]
 - relation vyos::Shaper traffic_policy_in [0:1]¶
- other end: - vyos::Shaper.interfaces_out [0:*]
 - relation vyos::Bridge bridge_group [0:1]¶
- other end: - vyos::Bridge.members [0:*]
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::ifacePolicyRouteconstraint- policy_route is defined
 
- entity vyos::Bridge¶
- Parents: - vyos::BaseInterface- attribute string type='bridge'¶
 - relation vyos::BaseInterface members [0:*]¶
- other end: - vyos::BaseInterface.bridge_group [0:1]
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::bridgeconstraint- true
 
- entity vyos::Config¶
- Parents: - vyos::ConfigItem,- std::PurgeableResource- VYOS config block resource - This is the central resource, that is used to deploy specific configlets. - attribute string device¶
 - attribute string node¶
 - attribute bool never_delete=false¶
 - attribute bool save=true¶
 - attribute bool send_event=true¶
 - attribute string[] keys_only=List()¶
- Only compare these keys, ignore all other keys that are in the current state 
 - attribute string[] ignore_keys=List()¶
- Ignore these keys in the current state 
 - attribute bool facts=false¶
- When set to true the config is never executed. The value under node is exposed as a fact 
 - attribute bool skip_on_connect_error¶
 - relation vyos::Credential credential [1]¶
 - The following implements statements select implementations for this entity: - std::noneconstraint- true
 
- entity vyos::ConfigItem¶
- Parents: - std::Entity- attribute string config¶
 - relation vyos::ExtraConfig extra [0:*]¶
- other end: - vyos::ExtraConfig.parent [1]
 
- entity vyos::ConfigNode¶
- Parents: - std::Entity- attribute string node_name¶
 - attribute bool purged=false¶
 - attribute bool purge_on_delete=false¶
 - relation vyos::ConfigItem config [0:1]¶
 - relation vyos::BaseHost host [1]¶
 - The following implementations are defined for this entity: 
- entity vyos::Credential¶
- Parents: - std::Entity- attribute string address¶
 - attribute string user¶
 - attribute string password¶
 - attribute number port¶
 - The following implements statements select implementations for this entity: - std::noneconstraint- true
 
- entity vyos::DhcpServer¶
- Parents: - vyos::ConfigNode- attribute string name¶
 - attribute std::ipv4_interface subnet¶
 - attribute std::ipv4_address default_router¶
 - attribute std::ipv4_address[] dns_servers¶
 - attribute std::ipv4_address range_start¶
 - attribute std::ipv4_address range_end¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::dhcpServerconstraint- true
 
- entity vyos::ExtraConfig¶
- Parents: - vyos::ConfigItem- relation vyos::ConfigItem parent [1]¶
- other end: - vyos::ConfigItem.extra [0:*]
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::extraconfig_dependsconstraint- true
 
- entity vyos::Host¶
- Parents: - vyos::BaseHost- The following implements statements select implementations for this entity: - constraint - true
- vyos::commonConfigconstraint- true
 
- entity vyos::Hostname¶
- Parents: - vyos::ConfigNode- attribute string name¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::hostnameconstraint- true
 
- entity vyos::Interface¶
- Parents: - vyos::BaseInterface- attribute bool never_delete=false¶
 - attribute vyos::duplex duplex='auto'¶
 - attribute vyos::speed speed='auto'¶
 - relation vyos::firewall::RuleSet inbound_ruleset [0:1]¶
 - relation vyos::firewall::RuleSet local_ruleset [0:1]¶
 - relation vyos::firewall::RuleSet outbound_ruleset [0:1]¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::ifaceconstraint- true
 
- entity vyos::IpFact¶
- Parents: - std::PurgeableResource- Discover interface IP - attribute string id¶
 - attribute string device¶
 - relation vyos::BaseHost host [1]¶
 - relation vyos::Credential credential [1]¶
 - relation vyos::Interface interface [1]¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::wireup_ipfactconstraint- true
 
- entity vyos::Loopback¶
- Parents: - vyos::ConfigNode- attribute std::ipv4_interface address¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::loopbackconstraint- true
 
- entity vyos::Masquerade¶
- Parents: - vyos::ConfigNode- attribute string outbound_interface¶
 - attribute string source_address¶
 - attribute number rule¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::masqconstraint- true
 
- entity vyos::Ospf¶
- Parents: - vyos::ConfigNode- attribute vyos::area area=0¶
 - attribute std::ipv4_interface[] network¶
 - attribute std::ipv4_address router_id¶
 - attribute string[]? passive_interfaces=null¶
 - attribute string[]? passive_interface_excludes=null¶
 - attribute vyos::abrtype_t abrtype='cisco'¶
 - relation vyos::OspfRedistribute redistributes [0:*]¶
- other end: - vyos::OspfRedistribute.ospf [1]
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::ospfconstraint- true
 
- entity vyos::OspfRedistribute¶
- Parents: - std::Entity- attribute vyos::redistribute_t type¶
 - attribute vyos::ospf_metric_t? metric=null¶
 - attribute vyos::ospf_metric_type_t metric_type=2¶
 - attribute string? route_map=null¶
 - relation vyos::Ospf ospf [1]¶
- other end: - vyos::Ospf.redistributes [0:*]
 - The following implements statements select implementations for this entity: - std::noneconstraint- true
 
- entity vyos::PolicyRoute¶
- Parents: - vyos::ConfigNode- Route policy for Vyos Polciy Based Routing. - attribute std::alfanum name¶
- The name for this policy route 
 - relation vyos::PolicyRouteRule rules [1:*]¶
- other end: - vyos::PolicyRouteRule.policy [1]
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::policyRouteconstraint- true
 
- entity vyos::PolicyRouteRule¶
- Parents: - vyos::ConfigNode- Rule in a route policy for Vyos Polciy Based Routing. - attribute number id¶
- The rule number 
 - attribute number table¶
- Routing table for traffic matching this rule 
 - attribute std::alfanum? description=null¶
- Description for this rule 
 - attribute std::ipv4_interface? match_source_address=null¶
- The source address to match traffic on 
 - attribute std::ipv4_interface? match_destination_address=null¶
- The destination address to match traffic on. Can only be specified if match_protocol is set 
 - attribute std::port? match_source_port=null¶
- The source port to match traffic on. Can only be specified if match_protocol in [“tcp”, “udp”] 
 - attribute std::port? match_destination_port=null¶
- The destination port to match traffic on 
 - attribute std::alfanum? match_protocol=null¶
- The protocol to match traffic on 
 - relation vyos::PolicyRoute policy [1]¶
- other end: - vyos::PolicyRoute.rules [1:*]
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::policyRouteRuleconstraint- true
 
- entity vyos::RouteMap¶
- Parents: - vyos::ConfigNode- attribute string name¶
 - attribute string? description=null¶
 - relation vyos::routemap::Rule rules [0:*]¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::routeMapconstraint- true
 
- entity vyos::Shaper¶
- Parents: - vyos::ConfigNode- attribute string name¶
 - attribute string bandwidth¶
 - attribute string default_bandwidth='50%'¶
 - attribute string default_ceiling='100%'¶
 - attribute string default_queue_type='fair-queue'¶
 - relation vyos::BaseInterface interfaces_in [0:*]¶
- other end: - vyos::BaseInterface.traffic_policy_out [0:1]
 - relation vyos::BaseInterface interfaces_out [0:*]¶
- other end: - vyos::BaseInterface.traffic_policy_in [0:1]
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::shaperconstraint- true
 
- entity vyos::StaticRoute¶
- Parents: - vyos::ConfigNode- attribute std::ipv4_interface destination¶
 - attribute std::ipv4_address next_hop¶
 - attribute number table=0¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::staticRouteDefaultconstraint- (table == 0)
- vyos::staticRouteTableconstraint- (table > 0)
 
- entity vyos::Tunnel¶
- Parents: - vyos::BaseInterface- attribute string? description=null¶
 - attribute vyos::tunnel_mtu_t mtu=1476¶
 - attribute vyos::tunnel_encap_t encapsulation¶
 - attribute std::ipv_any_address local_ip¶
 - attribute std::ipv_any_address? remote_ip=null¶
 - attribute vyos::tunnel_key_t? key=null¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::tunnelconstraint- true
 
- entity vyos::Vif¶
- Parents: - vyos::BaseInterface- attribute vyos::vlan_id vlan¶
 - attribute string type='vif'¶
 - attribute string name=''¶
 - relation vyos::Interface parent [1]¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::vifconstraint- true
 
- entity vyos::firewall::AddressGroup¶
- Parents: - vyos::firewall::Group- attribute string[] addresses¶
 - string vyos::firewall::AddressGroup.description='inmanta managed address-group'
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::firewall::addressGroupconstraint- true
 
- entity vyos::firewall::Group¶
- Parents: - vyos::ConfigNode- attribute string name¶
 - attribute string group_type¶
 
- entity vyos::firewall::NetworkGroup¶
- Parents: - vyos::firewall::Group- attribute std::ipv4_interface[] networks¶
 - string vyos::firewall::NetworkGroup.description='inmanta managed network-group'
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::firewall::networkGroupconstraint- true
 
- entity vyos::firewall::PortGroup¶
- Parents: - vyos::firewall::Group- attribute string[] ports¶
 - string vyos::firewall::PortGroup.description='inmanta managed port-group'
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::firewall::portGroupconstraint- true
 
- entity vyos::firewall::Rule¶
- Parents: - std::Entity- attribute number id¶
 - attribute vyos::firewall::action_t action¶
 - attribute vyos::firewall::protocol_t protocol¶
 - string vyos::firewall::Rule.description='inmanta managed rule'
 - relation vyos::firewall::Group source [0:*]¶
 - relation vyos::firewall::Group destination [0:*]¶
 - relation vyos::firewall::RuleSet ruleset [1]¶
- other end: - vyos::firewall::RuleSet.rules [0:*]
 - The following implements statements select implementations for this entity: - std::noneconstraint- true
 
- entity vyos::firewall::RuleSet¶
- Parents: - vyos::ConfigNode- attribute string name¶
 - attribute vyos::firewall::action_t default_action¶
 - string vyos::firewall::RuleSet.description='inmanta managed ruleset'
 - relation vyos::firewall::Rule rules [0:*]¶
- other end: - vyos::firewall::Rule.ruleset [1]
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::firewall::ruleSetconstraint- true
 
- entity vyos::openstackext::OpenstackHost¶
- Parents: - vyos::BaseHost,- openstack::Host- A vyos based host for Openstack - attribute string? floatingIP=null¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::openstackext::withFipconstraint- floatingIP is defined
- vyos::commonConfigconstraint- (not floatingIP is defined)
- constraint - true
- vyos::openstackext::openstackConfigconstraint- true
 
- entity vyos::routemap::Match¶
- Parents: - std::Entity- attribute string? interface=null¶
 - The following implements statements select implementations for this entity: - std::noneconstraint- true
 
- entity vyos::routemap::Rule¶
- Parents: - std::Entity- attribute number id¶
 - attribute vyos::routemap::rm_action_t action¶
 - relation vyos::routemap::Match match [1]¶
 - The following implements statements select implementations for this entity: - std::noneconstraint- true
 
- entity vyos::vpn::Authentication¶
- Parents: - std::Entity- attribute string id¶
 - attribute vyos::vpn::auth_mode_t mode¶
 - attribute string? remote_id=null¶
 - attribute string? rsa_key_name=null¶
 - The following implements statements select implementations for this entity: - std::noneconstraint- true
 
- entity vyos::vpn::ESPGroup¶
- Parents: - vyos::ConfigNode- attribute string name¶
 - attribute bool compression¶
 - attribute number lifetime¶
 - attribute vyos::vpn::esp_mode_t mode¶
 - attribute bool pfs¶
 - relation vyos::vpn::ESPProposal proposals [1:*]¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::vpn::espGroupconstraint- true
 
- entity vyos::vpn::ESPProposal¶
- Parents: - std::Entity- attribute number id¶
 - attribute vyos::vpn::encryption_t encryption¶
 - attribute vyos::vpn::hash_t hash='sha1'¶
 - The following implements statements select implementations for this entity: - std::noneconstraint- true
 
- entity vyos::vpn::IKEGroup¶
- Parents: - vyos::ConfigNode- attribute string name¶
 - attribute vyos::vpn::kex_t key_exchange='ikev1'¶
 - attribute number lifetime¶
 - relation vyos::vpn::IKEProposal proposals [1:*]¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::vpn::ikeGroupconstraint- true
 
- entity vyos::vpn::IKEProposal¶
- Parents: - std::Entity- attribute number id¶
 - attribute vyos::vpn::dh_group_t? dh_group=null¶
 - attribute vyos::vpn::encryption_t encryption¶
 - attribute vyos::vpn::hash_t hash='sha1'¶
 - The following implements statements select implementations for this entity: - std::noneconstraint- true
 
- entity vyos::vpn::IPSECOptions¶
- Parents: - vyos::ConfigNode- attribute string[] ipsec_interfaces=List()¶
 - attribute string[] log_modes=List()¶
 - attribute bool nat_traversal=false¶
 - attribute std::ipv4_interface[] allowed_nat_networks=List()¶
 - The following implements statements select implementations for this entity: - vyos::vpn::ipsecOptionsconstraint- true
 
- entity vyos::vpn::KeyGen¶
- Parents: - std::PurgeableResource- Ensure an RSA key has been generated - attribute string id='keygen'¶
 - attribute string device¶
 - relation vyos::BaseHost host [1]¶
 - relation vyos::Credential credential [1]¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::vpn::wireupconstraint- true
 
- entity vyos::vpn::RSAKey¶
- Parents: - vyos::ConfigNode- attribute string name¶
 - attribute string rsa_key¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::vpn::rsaKeyconstraint- true
 
- entity vyos::vpn::SiteToSite¶
- Parents: - vyos::ConfigNode- attribute string peer¶
 - attribute vyos::vpn::conn_type_t connection_type¶
 - attribute vyos::vpn::local_address_t local_address¶
 - relation vyos::vpn::Authentication authentication [1]¶
 - relation vyos::vpn::IKEGroup ike_group [1]¶
 - relation vyos::vpn::ESPGroup default_esp_group [0:1]¶
 - relation vyos::vpn::Tunnel tunnels [0:*]¶
 - The following implementations are defined for this entity: - The following implements statements select implementations for this entity: - vyos::vpn::siteToSiteconstraint- true
 
Implementations¶
- implementation vyos::bridge¶
- implementation vyos::commonConfig¶
- implementation vyos::dhcpServer¶
- implementation vyos::extraconfig_depends¶
- implementation vyos::hostname¶
- implementation vyos::iface¶
- implementation vyos::ifacePolicyRoute¶
- implementation vyos::loopback¶
- implementation vyos::masq¶
- implementation vyos::ospf¶
- implementation vyos::policyRoute¶
- implementation vyos::policyRouteRule¶
- implementation vyos::routeMap¶
- implementation vyos::shaper¶
- implementation vyos::staticRouteDefault¶
- implementation vyos::staticRouteTable¶
- implementation vyos::tunnel¶
- implementation vyos::vif¶
- implementation vyos::vyosConfig¶
- implementation vyos::wireup_ipfact¶
- implementation vyos::firewall::addressGroup¶
- implementation vyos::firewall::networkGroup¶
- implementation vyos::firewall::portGroup¶
- implementation vyos::firewall::ruleSet¶
- implementation vyos::openstackext::openstackConfig¶
- implementation vyos::openstackext::withFip¶
- implementation vyos::vpn::espGroup¶
- implementation vyos::vpn::ikeGroup¶
- implementation vyos::vpn::ipsecOptions¶
- implementation vyos::vpn::rsaKey¶
- implementation vyos::vpn::siteToSite¶
- implementation vyos::vpn::wireup¶
Resources¶
- class vyos.Config¶
- Resource for entity - vyos::Config
- Id attribute - nodeid
- Agent name - device
- Handlers - vyos.VyosHandler
 
- class vyos.IpFact¶
- Resource for entity - vyos::IpFact
- Id attribute - id
- Agent name - device
- Handlers - vyos.IpFactHandler
 
- class vyos.KeyGen¶
- Resource for entity - vyos::vpn::KeyGen
- Id attribute - id
- Agent name - device
- Handlers - vyos.KeyGenHandler
 
Handlers¶
- class vyos.VyosHandler¶
- Handler for entity - vyos::Config
 
- class vyos.KeyGenHandler¶
- Handler for entity - vyos::vpn::KeyGen
 
- class vyos.IpFactHandler¶
- Handler for entity - vyos::IpFact