def _ValidateRegionalArgs(args): """Validate the regional forwarding rules args. Args: args: The arguments given to the create/set-target command. """ if getattr(args, 'global', None): raise exceptions.ArgumentError( 'You cannot specify [--global] for a regional ' 'forwarding rule.') # For flexible networking, with STANDARD network tier the regional forwarding # rule can have global target. The request may not specify network tier # because it can be set as default project setting, so here let backend do # validation. if args.target_instance_zone and not args.target_instance: raise exceptions.ArgumentError( 'You cannot specify [--target-instance-zone] unless you are ' 'specifying [--target-instance].') if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL': if getattr(args, 'port_range', None): raise exceptions.ArgumentError( 'You cannot specify [--port-range] for a forwarding rule ' 'whose [--load-balancing-scheme] is internal, ' 'please use [--ports] flag instead.') if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL_SELF_MANAGED': raise exceptions.ArgumentError( 'You cannot specify an INTERNAL_SELF_MANAGED [--load-balancing-scheme] ' 'for a regional forwarding rule.')
def _ValidateGlobalArgs(args): """Validate the global forwarding rules args.""" if args.target_instance: raise exceptions.ArgumentError( 'You cannot specify [--target-instance] for a global ' 'forwarding rule.') if args.target_pool: raise exceptions.ArgumentError( 'You cannot specify [--target-pool] for a global ' 'forwarding rule.') if getattr(args, 'backend_service', None): raise exceptions.ArgumentError( 'You cannot specify [--backend-service] for a global ' 'forwarding rule.') if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL': raise exceptions.ArgumentError( 'You cannot specify internal [--load-balancing-scheme] for a global ' 'forwarding rule.') if getattr(args, 'target_vpn_gateway', None): raise exceptions.ArgumentError( 'You cannot specify [--target-vpn-gateway] for a global ' 'forwarding rule.') if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL_SELF_MANAGED': if (not getattr(args, 'target_http_proxy', None) and not getattr(args, 'target_https_proxy', None) and not getattr(args, 'target_grpc_proxy', None) and not getattr(args, 'target_tcp_proxy', None)): target_error_message_with_tcp = ( 'You must specify either [--target-http-proxy], ' '[--target-https-proxy], [--target-grpc-proxy] ' 'or [--target-tcp-proxy] for an ' 'INTERNAL_SELF_MANAGED [--load-balancing-scheme].') raise exceptions.ArgumentError(target_error_message_with_tcp) if getattr(args, 'subnet', None): raise exceptions.ArgumentError( 'You cannot specify [--subnet] for an INTERNAL_SELF_MANAGED ' '[--load-balancing-scheme].') if not getattr(args, 'address', None): raise exceptions.ArgumentError( 'You must specify [--address] for an INTERNAL_SELF_MANAGED ' '[--load-balancing-scheme]')
def _ValidateRegionalArgs(args): """Validate the regional forwarding rules args. Args: args: The arguments given to the create/set-target command. """ if getattr(args, 'global', None): raise exceptions.ArgumentError( 'You cannot specify [--global] for a regional ' 'forwarding rule.') # For flexible networking, with STANDARD network tier the regional forwarding # rule can have global target. The request may not specify network tier # because it can be set as default project setting, so here let backend do # validation. if args.target_instance_zone and not args.target_instance: raise exceptions.ArgumentError( 'You cannot specify [--target-instance-zone] unless you are ' 'specifying [--target-instance].') if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL': if getattr(args, 'port_range', None): raise exceptions.ArgumentError( 'You cannot specify [--port-range] for a forwarding rule ' 'whose [--load-balancing-scheme] is internal, ' 'please use [--ports] flag instead.') schemes_allowing_network_fields = ['INTERNAL', 'INTERNAL_MANAGED'] ip_version = getattr(args, 'ip_version', None) if ip_version == 'IPV6' and (getattr(args, 'load_balancing_scheme', None) not in [None, 'EXTERNAL'] or not getattr(args, 'backend_service', None) or not getattr(args, 'subnet', None) or getattr(args, 'network', None)): raise exceptions.ArgumentError( 'IPv6 forwarding rules are only supported for EXTERNAL ' '[--load-balancing-scheme] with Backend Service and must ' 'be assigned a subnetwork only.') elif (ip_version != 'IPV6' and getattr(args, 'subnet', None) or getattr(args, 'network', None)) and not getattr( args, 'target_service_attachment', None) and getattr( args, 'load_balancing_scheme', None) not in schemes_allowing_network_fields: raise exceptions.ArgumentError( 'You cannot specify [--subnet] or [--network] for non-internal ' '[--load-balancing-scheme] non-PSC forwarding rule.') if getattr(args, 'load_balancing_scheme', None) == 'INTERNAL_SELF_MANAGED': raise exceptions.ArgumentError( 'You cannot specify an INTERNAL_SELF_MANAGED [--load-balancing-scheme] ' 'for a regional forwarding rule.')
def GetRegionalTarget(client, resources, args, forwarding_rule_ref=None, include_l7_internal_load_balancing=False, include_target_service_attachment=False): """Return the forwarding target for a regionally scoped request.""" _ValidateRegionalArgs(args) if forwarding_rule_ref: region_arg = forwarding_rule_ref.region project_arg = forwarding_rule_ref.project else: region_arg = args.region project_arg = None if args.target_pool: if not args.target_pool_region and region_arg: args.target_pool_region = region_arg target_ref = flags.TARGET_POOL_ARG.ResolveAsResource( args, resources, scope_lister=compute_flags.GetDefaultScopeLister(client)) target_region = target_ref.region elif args.target_instance: target_ref = flags.TARGET_INSTANCE_ARG.ResolveAsResource( args, resources, scope_lister=_GetZonesInRegionLister( ['--target-instance-zone'], region_arg, client, project_arg or properties.VALUES.core.project.GetOrFail())) target_region = utils.ZoneNameToRegionName(target_ref.zone) elif getattr(args, 'target_vpn_gateway', None): if not args.target_vpn_gateway_region and region_arg: args.target_vpn_gateway_region = region_arg target_ref = flags.TARGET_VPN_GATEWAY_ARG.ResolveAsResource( args, resources) target_region = target_ref.region elif getattr(args, 'backend_service', None): if not args.backend_service_region and region_arg: args.backend_service_region = region_arg target_ref = flags.BACKEND_SERVICE_ARG.ResolveAsResource( args, resources) target_region = target_ref.region elif args.target_http_proxy: target_ref = flags.TargetHttpProxyArg( include_l7_internal_load_balancing= include_l7_internal_load_balancing).ResolveAsResource( args, resources, default_scope=compute_scope.ScopeEnum.GLOBAL) target_region = region_arg elif args.target_https_proxy: target_ref = flags.TargetHttpsProxyArg( include_l7_internal_load_balancing= include_l7_internal_load_balancing).ResolveAsResource( args, resources, default_scope=compute_scope.ScopeEnum.GLOBAL) target_region = region_arg elif args.target_ssl_proxy: target_ref = flags.TARGET_SSL_PROXY_ARG.ResolveAsResource( args, resources) target_region = region_arg elif args.target_tcp_proxy: target_ref = flags.TARGET_TCP_PROXY_ARG.ResolveAsResource( args, resources) target_region = region_arg elif include_target_service_attachment and args.target_service_attachment: target_ref = flags.TargetServiceAttachmentArg().ResolveAsResource( args, resources) target_region = target_ref.region if target_region != region_arg or ( args.target_service_attachment_region and region_arg and args.target_service_attachment_region != region_arg): raise exceptions.ArgumentError( 'The region of the provided service attachment must equal the ' '[--region] of the forwarding rule.') return target_ref, target_region
def _CreateGlobalRequests(self, client, resources, args, forwarding_rule_ref): """Create a globally scoped request.""" is_psc_google_apis = False if hasattr(args, 'target_google_apis_bundle') and args.target_google_apis_bundle: if not self._support_psc_google_apis: raise exceptions.InvalidArgumentException( '--target-google-apis-bundle', 'Private Service Connect for Google APIs (the target-google-apis-bundle option ' 'for forwarding rules) is not supported in this API version.') else: is_psc_google_apis = True sd_registration = None if hasattr(args, 'service_directory_registration' ) and args.service_directory_registration: if not is_psc_google_apis: raise exceptions.InvalidArgumentException( '--service-directory-registration', 'Can only be specified for regional forwarding rules or Private Service Connect forwarding rules targeting a Google APIs bundle.' ) # Parse projects/../locations/.. match = re.match( r'^projects/([^/]+)/locations/([^/]+)(?:/namespaces/([^/]+))?$', args.service_directory_registration) if not match: raise exceptions.InvalidArgumentException( '--service-directory-registration', 'Must be of the form projects/PROJECT/locations/REGION or projects/PROJECT/locations/REGION/namespaces/NAMESPACE' ) project = match.group(1) region = match.group(2) namespace = match.group(3) if project != forwarding_rule_ref.project: raise exceptions.InvalidArgumentException( '--service-directory-registration', 'Must be in the same project as the forwarding rule.') sd_registration = client.messages.ForwardingRuleServiceDirectoryRegistration( serviceDirectoryRegion=region, namespace=namespace) ports_all_specified, range_list = _ExtractPortsAndAll(args.ports) port_range = _MakeSingleUnifiedPortRange(args.port_range, range_list) # All global forwarding rules must use EXTERNAL or INTERNAL_SELF_MANAGED # schemes presently. load_balancing_scheme = _GetLoadBalancingScheme(args, client.messages, is_psc_google_apis) if is_psc_google_apis: rule_name = forwarding_rule_ref.Name() if len(rule_name) > 20 or rule_name[0].isdigit( ) or not rule_name.isalnum(): raise fw_exceptions.ArgumentError( 'A forwarding rule to Google APIs must have a name that is between ' ' 1-20 characters long, alphanumeric, starting with a letter.') if port_range: raise exceptions.InvalidArgumentException( '--ports', '[--ports] is not allowed for PSC-GoogleApis forwarding rules.') if load_balancing_scheme: raise exceptions.InvalidArgumentException( '--load-balancing-scheme', 'The --load-balancing-scheme flag is not allowed for PSC-GoogleApis' ' forwarding rules.') if args.target_google_apis_bundle in flags.PSC_GOOGLE_APIS_BUNDLES: target_as_str = args.target_google_apis_bundle else: bundles_list = ', '.join(flags.PSC_GOOGLE_APIS_BUNDLES) raise exceptions.InvalidArgumentException( '--target-google-apis-bundle', 'The valid values for target-google-apis-bundle are: ' + bundles_list) else: # L7XLB in Premium Tier. target_ref = utils.GetGlobalTarget(resources, args) target_as_str = target_ref.SelfLink() if ports_all_specified: raise exceptions.InvalidArgumentException( '--ports', '[--ports] cannot be set to ALL for global forwarding rules.') if not port_range: raise exceptions.InvalidArgumentException( '--ports', '[--ports] is required for global forwarding rules.') protocol = self.ConstructProtocol(client.messages, args) if args.address is None or args.ip_version: ip_version = client.messages.ForwardingRule.IpVersionValueValuesEnum( args.ip_version or 'IPV4') else: ip_version = None address = self._ResolveAddress(resources, args, compute_flags.compute_scope.ScopeEnum.GLOBAL, forwarding_rule_ref) forwarding_rule = client.messages.ForwardingRule( description=args.description, name=forwarding_rule_ref.Name(), IPAddress=address, IPProtocol=protocol, portRange=port_range, target=target_as_str, ipVersion=ip_version, networkTier=_ConstructNetworkTier(client.messages, args), loadBalancingScheme=load_balancing_scheme) if sd_registration: forwarding_rule.serviceDirectoryRegistrations.append(sd_registration) if args.IsSpecified('network'): forwarding_rule.network = flags.NetworkArg( self._support_l7_internal_load_balancing).ResolveAsResource( args, resources).SelfLink() if self._support_global_access and args.IsSpecified('allow_global_access'): forwarding_rule.allowGlobalAccess = args.allow_global_access request = client.messages.ComputeGlobalForwardingRulesInsertRequest( forwardingRule=forwarding_rule, project=forwarding_rule_ref.project) return [(client.apitools_client.globalForwardingRules, 'Insert', request)]