def _ValidateRegionalArgs(args):
"""Validate the regional forwarding rules args.
Args:
args: The arguments given to the create/set-target command.
"""
if getattr(args, 'global', None):
raise exceptions.ArgumentError(
'You cannot specify [--global] for a regional '
'forwarding rule.')
# For flexible networking, with STANDARD network tier the regional forwarding
# rule can have global target. The request may not specify network tier
# because it can be set as default project setting, so here let backend do
# validation.
if args.target_instance_zone and not args.target_instance:
raise exceptions.ArgumentError(
'You cannot specify [--target-instance-zone] unless you are '
'specifying [--target-instance].')
if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL':
if getattr(args, 'port_range', None):
raise exceptions.ArgumentError(
'You cannot specify [--port-range] for a forwarding rule '
'whose [--load-balancing-scheme] is internal, '
'please use [--ports] flag instead.')
if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL_SELF_MANAGED':
raise exceptions.ArgumentError(
'You cannot specify an INTERNAL_SELF_MANAGED [--load-balancing-scheme] '
'for a regional forwarding rule.')
def _ValidateGlobalArgs(args):
"""Validate the global forwarding rules args."""
if args.target_instance:
raise exceptions.ArgumentError(
'You cannot specify [--target-instance] for a global '
'forwarding rule.')
if args.target_pool:
raise exceptions.ArgumentError(
'You cannot specify [--target-pool] for a global '
'forwarding rule.')
if getattr(args, 'backend_service', None):
raise exceptions.ArgumentError(
'You cannot specify [--backend-service] for a global '
'forwarding rule.')
if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL':
raise exceptions.ArgumentError(
'You cannot specify internal [--load-balancing-scheme] for a global '
'forwarding rule.')
if getattr(args, 'target_vpn_gateway', None):
raise exceptions.ArgumentError(
'You cannot specify [--target-vpn-gateway] for a global '
'forwarding rule.')
if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL_SELF_MANAGED':
if (not getattr(args, 'target_http_proxy', None)
and not getattr(args, 'target_https_proxy', None)
and not getattr(args, 'target_grpc_proxy', None)
and not getattr(args, 'target_tcp_proxy', None)):
target_error_message_with_tcp = (
'You must specify either [--target-http-proxy], '
'[--target-https-proxy], [--target-grpc-proxy] '
'or [--target-tcp-proxy] for an '
'INTERNAL_SELF_MANAGED [--load-balancing-scheme].')
raise exceptions.ArgumentError(target_error_message_with_tcp)
if getattr(args, 'subnet', None):
raise exceptions.ArgumentError(
'You cannot specify [--subnet] for an INTERNAL_SELF_MANAGED '
'[--load-balancing-scheme].')
if not getattr(args, 'address', None):
raise exceptions.ArgumentError(
'You must specify [--address] for an INTERNAL_SELF_MANAGED '
'[--load-balancing-scheme]')
def _ValidateRegionalArgs(args):
"""Validate the regional forwarding rules args.
Args:
args: The arguments given to the create/set-target command.
"""
if getattr(args, 'global', None):
raise exceptions.ArgumentError(
'You cannot specify [--global] for a regional '
'forwarding rule.')
# For flexible networking, with STANDARD network tier the regional forwarding
# rule can have global target. The request may not specify network tier
# because it can be set as default project setting, so here let backend do
# validation.
if args.target_instance_zone and not args.target_instance:
raise exceptions.ArgumentError(
'You cannot specify [--target-instance-zone] unless you are '
'specifying [--target-instance].')
if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL':
if getattr(args, 'port_range', None):
raise exceptions.ArgumentError(
'You cannot specify [--port-range] for a forwarding rule '
'whose [--load-balancing-scheme] is internal, '
'please use [--ports] flag instead.')
schemes_allowing_network_fields = ['INTERNAL', 'INTERNAL_MANAGED']
ip_version = getattr(args, 'ip_version', None)
if ip_version == 'IPV6' and (getattr(args, 'load_balancing_scheme',
None) not in [None, 'EXTERNAL']
or not getattr(args, 'backend_service', None)
or not getattr(args, 'subnet', None)
or getattr(args, 'network', None)):
raise exceptions.ArgumentError(
'IPv6 forwarding rules are only supported for EXTERNAL '
'[--load-balancing-scheme] with Backend Service and must '
'be assigned a subnetwork only.')
elif (ip_version != 'IPV6' and getattr(args, 'subnet', None)
or getattr(args, 'network', None)) and not getattr(
args, 'target_service_attachment', None) and getattr(
args, 'load_balancing_scheme',
None) not in schemes_allowing_network_fields:
raise exceptions.ArgumentError(
'You cannot specify [--subnet] or [--network] for non-internal '
'[--load-balancing-scheme] non-PSC forwarding rule.')
if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL_SELF_MANAGED':
raise exceptions.ArgumentError(
'You cannot specify an INTERNAL_SELF_MANAGED [--load-balancing-scheme] '
'for a regional forwarding rule.')
def GetRegionalTarget(client,
resources,
args,
forwarding_rule_ref=None,
include_l7_internal_load_balancing=False,
include_target_service_attachment=False):
"""Return the forwarding target for a regionally scoped request."""
_ValidateRegionalArgs(args)
if forwarding_rule_ref:
region_arg = forwarding_rule_ref.region
project_arg = forwarding_rule_ref.project
else:
region_arg = args.region
project_arg = None
if args.target_pool:
if not args.target_pool_region and region_arg:
args.target_pool_region = region_arg
target_ref = flags.TARGET_POOL_ARG.ResolveAsResource(
args,
resources,
scope_lister=compute_flags.GetDefaultScopeLister(client))
target_region = target_ref.region
elif args.target_instance:
target_ref = flags.TARGET_INSTANCE_ARG.ResolveAsResource(
args,
resources,
scope_lister=_GetZonesInRegionLister(
['--target-instance-zone'], region_arg, client, project_arg
or properties.VALUES.core.project.GetOrFail()))
target_region = utils.ZoneNameToRegionName(target_ref.zone)
elif getattr(args, 'target_vpn_gateway', None):
if not args.target_vpn_gateway_region and region_arg:
args.target_vpn_gateway_region = region_arg
target_ref = flags.TARGET_VPN_GATEWAY_ARG.ResolveAsResource(
args, resources)
target_region = target_ref.region
elif getattr(args, 'backend_service', None):
if not args.backend_service_region and region_arg:
args.backend_service_region = region_arg
target_ref = flags.BACKEND_SERVICE_ARG.ResolveAsResource(
args, resources)
target_region = target_ref.region
elif args.target_http_proxy:
target_ref = flags.TargetHttpProxyArg(
include_l7_internal_load_balancing=
include_l7_internal_load_balancing).ResolveAsResource(
args, resources, default_scope=compute_scope.ScopeEnum.GLOBAL)
target_region = region_arg
elif args.target_https_proxy:
target_ref = flags.TargetHttpsProxyArg(
include_l7_internal_load_balancing=
include_l7_internal_load_balancing).ResolveAsResource(
args, resources, default_scope=compute_scope.ScopeEnum.GLOBAL)
target_region = region_arg
elif args.target_ssl_proxy:
target_ref = flags.TARGET_SSL_PROXY_ARG.ResolveAsResource(
args, resources)
target_region = region_arg
elif args.target_tcp_proxy:
target_ref = flags.TARGET_TCP_PROXY_ARG.ResolveAsResource(
args, resources)
target_region = region_arg
elif include_target_service_attachment and args.target_service_attachment:
target_ref = flags.TargetServiceAttachmentArg().ResolveAsResource(
args, resources)
target_region = target_ref.region
if target_region != region_arg or (
args.target_service_attachment_region and region_arg
and args.target_service_attachment_region != region_arg):
raise exceptions.ArgumentError(
'The region of the provided service attachment must equal the '
'[--region] of the forwarding rule.')
return target_ref, target_region
def _CreateGlobalRequests(self, client, resources, args, forwarding_rule_ref):
"""Create a globally scoped request."""
is_psc_google_apis = False
if hasattr(args,
'target_google_apis_bundle') and args.target_google_apis_bundle:
if not self._support_psc_google_apis:
raise exceptions.InvalidArgumentException(
'--target-google-apis-bundle',
'Private Service Connect for Google APIs (the target-google-apis-bundle option '
'for forwarding rules) is not supported in this API version.')
else:
is_psc_google_apis = True
sd_registration = None
if hasattr(args, 'service_directory_registration'
) and args.service_directory_registration:
if not is_psc_google_apis:
raise exceptions.InvalidArgumentException(
'--service-directory-registration',
'Can only be specified for regional forwarding rules or Private Service Connect forwarding rules targeting a Google APIs bundle.'
)
# Parse projects/../locations/..
match = re.match(
r'^projects/([^/]+)/locations/([^/]+)(?:/namespaces/([^/]+))?$',
args.service_directory_registration)
if not match:
raise exceptions.InvalidArgumentException(
'--service-directory-registration',
'Must be of the form projects/PROJECT/locations/REGION or projects/PROJECT/locations/REGION/namespaces/NAMESPACE'
)
project = match.group(1)
region = match.group(2)
namespace = match.group(3)
if project != forwarding_rule_ref.project:
raise exceptions.InvalidArgumentException(
'--service-directory-registration',
'Must be in the same project as the forwarding rule.')
sd_registration = client.messages.ForwardingRuleServiceDirectoryRegistration(
serviceDirectoryRegion=region, namespace=namespace)
ports_all_specified, range_list = _ExtractPortsAndAll(args.ports)
port_range = _MakeSingleUnifiedPortRange(args.port_range, range_list)
# All global forwarding rules must use EXTERNAL or INTERNAL_SELF_MANAGED
# schemes presently.
load_balancing_scheme = _GetLoadBalancingScheme(args, client.messages,
is_psc_google_apis)
if is_psc_google_apis:
rule_name = forwarding_rule_ref.Name()
if len(rule_name) > 20 or rule_name[0].isdigit(
) or not rule_name.isalnum():
raise fw_exceptions.ArgumentError(
'A forwarding rule to Google APIs must have a name that is between '
' 1-20 characters long, alphanumeric, starting with a letter.')
if port_range:
raise exceptions.InvalidArgumentException(
'--ports',
'[--ports] is not allowed for PSC-GoogleApis forwarding rules.')
if load_balancing_scheme:
raise exceptions.InvalidArgumentException(
'--load-balancing-scheme',
'The --load-balancing-scheme flag is not allowed for PSC-GoogleApis'
' forwarding rules.')
if args.target_google_apis_bundle in flags.PSC_GOOGLE_APIS_BUNDLES:
target_as_str = args.target_google_apis_bundle
else:
bundles_list = ', '.join(flags.PSC_GOOGLE_APIS_BUNDLES)
raise exceptions.InvalidArgumentException(
'--target-google-apis-bundle',
'The valid values for target-google-apis-bundle are: ' +
bundles_list)
else:
# L7XLB in Premium Tier.
target_ref = utils.GetGlobalTarget(resources, args)
target_as_str = target_ref.SelfLink()
if ports_all_specified:
raise exceptions.InvalidArgumentException(
'--ports',
'[--ports] cannot be set to ALL for global forwarding rules.')
if not port_range:
raise exceptions.InvalidArgumentException(
'--ports', '[--ports] is required for global forwarding rules.')
protocol = self.ConstructProtocol(client.messages, args)
if args.address is None or args.ip_version:
ip_version = client.messages.ForwardingRule.IpVersionValueValuesEnum(
args.ip_version or 'IPV4')
else:
ip_version = None
address = self._ResolveAddress(resources, args,
compute_flags.compute_scope.ScopeEnum.GLOBAL,
forwarding_rule_ref)
forwarding_rule = client.messages.ForwardingRule(
description=args.description,
name=forwarding_rule_ref.Name(),
IPAddress=address,
IPProtocol=protocol,
portRange=port_range,
target=target_as_str,
ipVersion=ip_version,
networkTier=_ConstructNetworkTier(client.messages, args),
loadBalancingScheme=load_balancing_scheme)
if sd_registration:
forwarding_rule.serviceDirectoryRegistrations.append(sd_registration)
if args.IsSpecified('network'):
forwarding_rule.network = flags.NetworkArg(
self._support_l7_internal_load_balancing).ResolveAsResource(
args, resources).SelfLink()
if self._support_global_access and args.IsSpecified('allow_global_access'):
forwarding_rule.allowGlobalAccess = args.allow_global_access
request = client.messages.ComputeGlobalForwardingRulesInsertRequest(
forwardingRule=forwarding_rule, project=forwarding_rule_ref.project)
return [(client.apitools_client.globalForwardingRules, 'Insert', request)]