def add_updatable_arguments(parser):
parser.add_argument(
'--name',
help=_('Name of this subnet.'))
parser.add_argument(
'--description',
help=_('Description of this subnet.'))
gateway_sg = parser.add_mutually_exclusive_group()
gateway_sg.add_argument(
'--gateway', metavar='GATEWAY_IP',
help=_('Gateway IP of this subnet.'))
gateway_sg.add_argument(
'--no-gateway',
action='store_true',
help=_('Do not configure a gateway for this subnet.'))
parser.add_argument(
'--allocation-pool', metavar='start=IP_ADDR,end=IP_ADDR',
action='append', dest='allocation_pools',
type=utils.str2dict_type(required_keys=['start', 'end']),
help=_('Allocation pool IP addresses for this subnet '
'(This option can be repeated).'))
parser.add_argument(
'--allocation_pool',
action='append', dest='allocation_pools',
type=utils.str2dict_type(required_keys=['start', 'end']),
help=argparse.SUPPRESS)
parser.add_argument(
'--host-route', metavar='destination=CIDR,nexthop=IP_ADDR',
action='append', dest='host_routes',
type=utils.str2dict_type(required_keys=['destination', 'nexthop']),
help=_('Additional route (This option can be repeated).'))
parser.add_argument(
'--dns-nameserver', metavar='DNS_NAMESERVER',
action='append', dest='dns_nameservers',
help=_('DNS name server for this subnet '
'(This option can be repeated).'))
parser.add_argument(
'--disable-dhcp',
action='store_true',
help=_('Disable DHCP for this subnet.'))
parser.add_argument(
'--enable-dhcp',
action='store_true',
help=_('Enable DHCP for this subnet.'))
# NOTE(ihrachys): yes, that's awful, but should be left as-is for
# backwards compatibility for versions <=2.3.4 that passed the
# boolean values through to the server without any argument
# validation.
parser.add_argument(
'--enable-dhcp=True',
action='store_true',
dest='enable_dhcp',
help=argparse.SUPPRESS)
parser.add_argument(
'--enable-dhcp=False',
action='store_true',
dest='disable_dhcp',
help=argparse.SUPPRESS)
def add_arguments_snmp_netconf(self, parser):
group_snmp_netconf = parser.add_mutually_exclusive_group()
group_snmp_netconf.add_argument(
'--snmpv1',
metavar=meta_snmpv1_v2,
action='append',
type=utils.str2dict_type(optional_keys=['write_community']),
dest='snmpv1',
help=_('SNMPV1 access '
'credentials for'
' physical'
' switch.'))
group_snmp_netconf.add_argument(
'--snmpv2c',
metavar=meta_snmpv1_v2,
action='append',
dest='snmpv2c',
type=utils.str2dict_type(optional_keys=['write_community']),
help=_('SNMPV2c access credentials'
' for physical switch.'))
group_snmp_netconf.add_argument(
'--snmpv3',
metavar=meta_snmpv3,
action='append',
dest='snmpv3',
type=utils.str2dict_type(optional_keys=[
'security_name', 'auth_protocol', 'priv_protocol', 'auth_key',
'priv_key'
]),
help=_('SNMPV3 access credentials for'
' physical switch.'))
group_snmp_netconf.add_argument(
'--netconf-ssh',
metavar=meta_netconf_ssh,
action='append',
dest='netconf_ssh',
type=utils.str2dict_type(
optional_keys=['user_name', 'password', 'key_path']),
help=_('NETCONF-SSH access credentials'
' for physical switch.'
' Absolute path has to be pro'
'vided for key_path.'))
group_snmp_netconf.add_argument(
'--netconf-soap',
metavar=meta_netconf_soap,
action='append',
dest='netconf_soap',
type=utils.str2dict_type(optional_keys=['user_name', 'password']),
help=_('NETCONF-SOAP access'
' credentials for physical'
' switch.'))
def add_arguments_snmp_netconf(self, parser):
group_snmp_netconf = parser.add_mutually_exclusive_group()
group_snmp_netconf.add_argument(
"--snmpv1",
metavar=meta_snmpv1_v2,
action="append",
type=utils.str2dict_type(optional_keys=["write_community"]),
dest="snmpv1",
help=_("SNMPV1 access " "credentials for" " physical" " switch."),
)
group_snmp_netconf.add_argument(
"--snmpv2c",
metavar=meta_snmpv1_v2,
action="append",
dest="snmpv2c",
type=utils.str2dict_type(optional_keys=["write_community"]),
help=_("SNMPV2c access credentials" " for physical switch."),
)
group_snmp_netconf.add_argument(
"--snmpv3",
metavar=meta_snmpv3,
action="append",
dest="snmpv3",
type=utils.str2dict_type(
optional_keys=["security_name", "auth_protocol", "priv_protocol", "auth_key", "priv_key"]
),
help=_("SNMPV3 access credentials for" " physical switch."),
)
group_snmp_netconf.add_argument(
"--netconf-ssh",
metavar=meta_netconf_ssh,
action="append",
dest="netconf_ssh",
type=utils.str2dict_type(optional_keys=["user_name", "password", "key_path"]),
help=_(
"NETCONF-SSH access credentials"
" for physical switch."
" Absolute path has to be pro"
"vided for key_path."
),
)
group_snmp_netconf.add_argument(
"--netconf-soap",
metavar=meta_netconf_soap,
action="append",
dest="netconf_soap",
type=utils.str2dict_type(optional_keys=["user_name", "password"]),
help=_("NETCONF-SOAP access" " credentials for physical" " switch."),
)
def add_arguments_snmp_netconf(self, parser):
group_snmp_netconf = parser.add_mutually_exclusive_group()
group_snmp_netconf.add_argument('--snmpv1',
metavar=meta_snmpv1_v2,
action='append',
type=utils.str2dict_type(
optional_keys=['write_community']),
dest='snmpv1', help=_('SNMPV1 access '
'credentials for'
' physical'
' switch.')
)
group_snmp_netconf.add_argument('--snmpv2c',
metavar=meta_snmpv1_v2,
action='append', dest='snmpv2c',
type=utils.str2dict_type(
optional_keys=['write_community']),
help=_('SNMPV2c access credentials'
' for physical switch.'))
group_snmp_netconf.add_argument('--snmpv3', metavar=meta_snmpv3,
action='append', dest='snmpv3',
type=utils.str2dict_type(
optional_keys=[
'security_name',
'auth_protocol',
'priv_protocol', 'auth_key',
'priv_key']),
help=_('SNMPV3 access credentials for'
' physical switch.'))
group_snmp_netconf.add_argument('--netconf-ssh',
metavar=meta_netconf_ssh,
action='append', dest='netconf_ssh',
type=utils.str2dict_type(
optional_keys=['user_name',
'password',
'key_path']),
help=_('NETCONF-SSH access credentials'
' for physical switch.'
' Absolute path has to be pro'
'vided for key_path.'))
group_snmp_netconf.add_argument('--netconf-soap',
metavar=meta_netconf_soap,
action='append', dest='netconf_soap',
type=utils.str2dict_type(
optional_keys=['user_name',
'password']),
help=_('NETCONF-SOAP access'
' credentials for physical'
' switch.'))
def get_parser(self, prog_name):
parser = super(CreatePortPair, self).get_parser(prog_name)
parser.add_argument('name',
metavar='NAME',
help=_('Name of the Port Pair.'))
parser.add_argument('--description',
help=_('Description for the Port Pair.'))
parser.add_argument('--ingress',
required=True,
help=_('ID or name of the ingress neutron port.'))
parser.add_argument('--egress',
required=True,
help=_('ID or name of the egress neutron port.'))
parser.add_argument(
'--service-function-parameter',
metavar='[correlation=CORRELATION_TYPE, weight=WEIGHT]',
type=nc_utils.str2dict_type(
optional_keys=['correlation', 'weight']),
help=_('Dictionary of Service function parameters. '
'Currently, only correlation=None and weight '
'is supported. Weight is an integer that influences '
'the selection of a port pair within a port pair group '
'for a flow. The higher the weight, the more flows will '
'hash to the port pair. The default weight is 1.'))
return parser
def _get_common_parser(parser):
parser.add_argument('--description',
metavar='<description>',
help=_('Description of the IKE policy'))
parser.add_argument('--auth-algorithm',
choices=['sha1', 'sha256', 'sha384', 'sha512'],
type=_convert_to_lowercase,
help=_('Authentication algorithm'))
parser.add_argument('--encryption-algorithm',
choices=['aes-128', '3des', 'aes-192', 'aes-256'],
type=_convert_to_lowercase,
help=_('Encryption algorithm'))
parser.add_argument('--phase1-negotiation-mode',
choices=['main', 'aggressive'],
type=_convert_to_lowercase,
help=_('IKE Phase1 negotiation mode'))
parser.add_argument('--ike-version',
choices=['v1', 'v2'],
type=_convert_to_lowercase,
help=_('IKE version for the policy'))
parser.add_argument('--pfs',
choices=['group5', 'group2', 'group14'],
type=_convert_to_lowercase,
help=_('Perfect Forward Secrecy'))
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=nc_utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IKE"))
return parser
def _get_common_parser(parser):
parser.add_argument('--description',
metavar='<description>',
help=_('Description of the IPsec policy'))
parser.add_argument('--auth-algorithm',
choices=['sha1', 'sha256', 'sha384', 'sha512'],
type=_convert_to_lowercase,
help=_('Authentication algorithm for IPsec policy'))
parser.add_argument('--encapsulation-mode',
choices=['tunnel', 'transport'],
type=_convert_to_lowercase,
help=_('Encapsulation mode for IPsec policy'))
parser.add_argument('--encryption-algorithm',
choices=['3des', 'aes-128', 'aes-192', 'aes-256'],
type=_convert_to_lowercase,
help=_('Encryption algorithm for IPsec policy'))
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=nc_utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IPsec"))
parser.add_argument('--pfs',
choices=['group2', 'group5', 'group14'],
type=_convert_to_lowercase,
help=_('Perfect Forward Secrecy for IPsec policy'))
parser.add_argument('--transform-protocol',
type=_convert_to_lowercase,
choices=['esp', 'ah', 'ah-esp'],
help=_('Transform protocol for IPsec policy'))
def add_known_arguments(self, parser):
parser.add_argument(
'name',
metavar='NAME',
help=_('Name of the Port Pair.'))
parser.add_argument(
'--description',
help=_('Description for the Port Pair.'))
parser.add_argument(
'--ingress',
required=True,
help=_('ID or name of the ingress neutron port.'))
parser.add_argument(
'--egress',
required=True,
help=_('ID or name of the egress neutron port.'))
parser.add_argument(
'--service-function-parameters',
metavar='[correlation=CORRELATION_TYPE, weight=WEIGHT]',
type=utils.str2dict_type(optional_keys=['correlation',
'weight']),
help=_('Dictionary of Service function parameters. '
'Currently, only correlation=None and weight '
'is supported. Weight is an integer that influences '
'the selection of a port pair within a port pair group '
'for a flow. The higher the weight, the more flows will '
'hash to the port pair. The default weight is 1.'))
def add_known_arguments(self, parser):
parser.add_argument(
'--description',
help=_('Description of the IPsec policy.'))
parser.add_argument(
'--transform-protocol',
default='esp', choices=['esp', 'ah', 'ah-esp'],
help=_('Transform protocol in lowercase, default:esp'))
parser.add_argument(
'--auth-algorithm',
default='sha1', choices=['sha1', 'sha256'],
help=_('Authentication algorithm in lowercase, default:sha1'))
parser.add_argument(
'--encryption-algorithm',
default='aes-128',
help=_('Encryption algorithm in lowercase, default:aes-128'))
parser.add_argument(
'--encapsulation-mode',
default='tunnel', choices=['tunnel', 'transport'],
help=_('Encapsulation mode in lowercase, default:tunnel'))
parser.add_argument(
'--pfs',
default='group5', choices=['group2', 'group5', 'group14'],
help=_('Perfect Forward Secrecy in lowercase, default:group5'))
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IPsec"))
parser.add_argument(
'name', metavar='NAME',
help=_('Name of the IPsec policy.'))
def _add_updatable_args(parser):
parser.add_argument(
'--name',
help=_('Name of this port.'))
parser.add_argument(
'--fixed-ip', metavar='subnet_id=SUBNET,ip_address=IP_ADDR',
action='append',
type=utils.str2dict_type(optional_keys=['subnet_id', 'ip_address']),
help=_('Desired IP and/or subnet for this port: '
'subnet_id=<name_or_id>,ip_address=<ip>. '
'You can repeat this option.'))
parser.add_argument(
'--fixed_ip',
action='append',
help=argparse.SUPPRESS)
parser.add_argument(
'--device-id',
help=_('Device ID of this port.'))
parser.add_argument(
'--device_id',
help=argparse.SUPPRESS)
parser.add_argument(
'--device-owner',
help=_('Device owner of this port.'))
parser.add_argument(
'--device_owner',
help=argparse.SUPPRESS)
def add_known_arguments(self, parser):
parser.add_argument(
'--name',
help=_('Name of this router.'))
utils.add_boolean_argument(
parser, '--admin-state-up', dest='admin_state',
help=_('Specify the administrative state of the router'
' (True meaning "Up")'))
utils.add_boolean_argument(
parser, '--admin_state_up', dest='admin_state',
help=argparse.SUPPRESS)
utils.add_boolean_argument(
parser, '--distributed', dest='distributed',
help=_('True means this router should operate in'
' distributed mode.'))
routes_group = parser.add_mutually_exclusive_group()
routes_group.add_argument(
'--route', metavar='destination=CIDR,nexthop=IP_ADDR',
action='append', dest='routes',
type=utils.str2dict_type(required_keys=['destination', 'nexthop']),
help=_('Route to associate with the router.'
' You can repeat this option.'))
routes_group.add_argument(
'--no-routes',
action='store_true',
help=_('Remove routes associated with the router.'))
def get_parser(self, prog_name):
parser = super(CreatePortPairGroup, self).get_parser(prog_name)
parser.add_argument(
'name',
metavar='NAME',
help=_('Name of the Port Pair Group.'))
parser.add_argument(
'--description',
help=_('Description for the Port Pair Group.'))
parser.add_argument(
'--port-pair',
metavar='PORT-PAIR',
dest='port_pairs',
default=[],
action='append',
help=_('ID or name of the Port Pair.'
'This option can be repeated.'))
parser.add_argument(
'--port-pair-group-parameters',
metavar='[lb_fields=LB_FIELDS]',
type=nc_utils.str2dict_type(optional_keys=['lb_fields']),
help=_('Dictionary of Port pair group parameters. '
'Currently, only \'&\' separated string of the lb_fields '
'are supported.'))
return parser
def _add_updatable_args(parser):
parser.add_argument(
'--name',
help=_('Name of this port.'))
parser.add_argument(
'--description',
help=_('Description of this port.'))
parser.add_argument(
'--fixed-ip', metavar='subnet_id=SUBNET,ip_address=IP_ADDR',
action='append',
type=utils.str2dict_type(optional_keys=['subnet_id', 'ip_address']),
help=_('Desired IP and/or subnet for this port: '
'subnet_id=<name_or_id>,ip_address=<ip>. '
'You can repeat this option.'))
parser.add_argument(
'--fixed_ip',
action='append',
help=argparse.SUPPRESS)
parser.add_argument(
'--device-id',
help=_('Device ID of this port.'))
parser.add_argument(
'--device_id',
help=argparse.SUPPRESS)
parser.add_argument(
'--device-owner',
help=_('Device owner of this port.'))
parser.add_argument(
'--device_owner',
help=argparse.SUPPRESS)
def add_known_arguments(self, parser):
parser.add_argument(
'name',
metavar='NAME',
help=_('Name of the Port Chain.'))
parser.add_argument(
'--description',
help=_('Description for the Port Chain.'))
parser.add_argument(
'--port-pair-group',
metavar='PORT-PAIR-GROUP',
dest='port_pair_groups',
default=[], required=True,
action='append',
help=_('ID or name of the Port Pair Group. '
'This option can be repeated.'))
parser.add_argument(
'--flow-classifier',
default=[],
metavar='FLOW-CLASSIFIER',
dest='flow_classifiers',
action='append',
help=_('ID or name of the Flow Classifier.'
'This option can be repeated.'))
parser.add_argument(
'--chain-parameters',
metavar='[correlation=CORRELATION_TYPE, symmetric=BOOLEAN_TYPE]',
type=utils.str2dict_type(optional_keys=['correlation',
'symmetric']),
help=_('Dictionary of chain parameters. Supports '
'correlation=mpls and symmetric=true|false.'))
def add_known_arguments(self, parser):
parser.add_argument('--name', help=_('Updated name of the router.'))
parser.add_argument('--description', help=_('Description of router.'))
utils.add_boolean_argument(
parser,
'--admin-state-up',
dest='admin_state',
help=_('Specify the administrative state of the router '
'(True means "Up").'))
utils.add_boolean_argument(parser,
'--admin_state_up',
dest='admin_state',
help=argparse.SUPPRESS)
utils.add_boolean_argument(
parser,
'--distributed',
dest='distributed',
help=_('True means this router should operate in '
'distributed mode.'))
routes_group = parser.add_mutually_exclusive_group()
routes_group.add_argument(
'--route',
metavar='destination=CIDR,nexthop=IP_ADDR',
action='append',
dest='routes',
type=utils.str2dict_type(required_keys=['destination', 'nexthop']),
help=_('Route to associate with the router.'
' You can repeat this option.'))
routes_group.add_argument(
'--no-routes',
action='store_true',
help=_('Remove routes associated with the router.'))
def add_known_arguments(self, parser):
parser.add_argument(
'--description',
help=_('Description of the IKE policy'))
parser.add_argument(
'--auth-algorithm',
default='sha1', choices=['sha1', 'sha256'],
help=_('Authentication algorithm in lowercase. '
'Default:sha1'))
parser.add_argument(
'--encryption-algorithm',
default='aes-128',
help=_('Encryption algorithm in lowercase, default:aes-128'))
parser.add_argument(
'--phase1-negotiation-mode',
default='main', choices=['main'],
help=_('IKE Phase1 negotiation mode in lowercase, default:main'))
parser.add_argument(
'--ike-version',
default='v1', choices=['v1', 'v2'],
help=_('IKE version in lowercase, default:v1'))
parser.add_argument(
'--pfs',
default='group5', choices=['group2', 'group5', 'group14'],
help=_('Perfect Forward Secrecy in lowercase, default:group5'))
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IKE"))
parser.add_argument(
'name', metavar='NAME',
help=_('Name of the IKE policy.'))
def add_known_arguments(self, parser):
parser.add_argument('name',
metavar='NAME',
help=_('Name of the Port Chain.'))
parser.add_argument('--description',
help=_('Description for the Port Chain.'))
parser.add_argument('--port-pair-group',
metavar='PORT-PAIR-GROUP',
dest='port_pair_groups',
default=[],
required=True,
action='append',
help=_('ID or name of the Port Pair Group. '
'This option can be repeated.'))
parser.add_argument('--flow-classifier',
default=[],
metavar='FLOW-CLASSIFIER',
dest='flow_classifiers',
action='append',
help=_('ID or name of the Flow Classifier.'
'This option can be repeated.'))
parser.add_argument(
'--chain-parameters',
metavar='[correlation=CORRELATION_TYPE, symmetric=BOOLEAN_TYPE]',
type=utils.str2dict_type(
optional_keys=['correlation', 'symmetric']),
help=_('Dictionary of chain parameters. Supports '
'correlation=nsh and symmetric=true|false.'))
def add_known_arguments(self, parser):
_add_common_args(parser)
parser.add_argument(
'--admin-state-down',
dest='admin_state', action='store_false',
help=_('Set admin state up to false.'))
parser.add_argument(
'--listener',
help=_('Listener whose default-pool should be set to this pool. '
'At least one of --listener or --loadbalancer must be '
'specified.'))
parser.add_argument(
'--loadbalancer',
help=_('Loadbalancer with which this pool should be associated. '
'At least one of --listener or --loadbalancer must be '
'specified.'))
parser.add_argument(
'--protocol',
type=utils.convert_to_uppercase,
required=True,
choices=['HTTP', 'HTTPS', 'TCP'],
help=_('Protocol for balancing.'))
parser.add_argument(
'--session-persistence',
metavar='type=TYPE[,cookie_name=COOKIE_NAME]',
type=utils.str2dict_type(required_keys=['type'],
optional_keys=['cookie_name']),
help=_('The type of session persistence to use and associated '
'cookie name.'))
def get_parser(self, prog_name):
parser = super(SetGatewayRouter, self).get_parser(prog_name)
parser.add_argument(
'router', metavar='ROUTER',
help=_('ID or name of the router.'))
parser.add_argument(
'external_network', metavar='EXTERNAL-NETWORK',
help=_('ID or name of the external network for the gateway.'))
parser.add_argument(
'--enable-snat', action='store_true',
help=_('Enable source NAT on the router gateway.'))
parser.add_argument(
'--disable-snat', action='store_true',
help=_('Disable source NAT on the router gateway.'))
parser.add_argument(
'--fixed-ip', metavar='subnet_id=SUBNET,ip_address=IP_ADDR',
action='append',
type=utils.str2dict_type(optional_keys=['subnet_id',
'ip_address']),
help=_('Desired IP and/or subnet on external network: '
'subnet_id=<name_or_id>,ip_address=<ip>. '
'You can specify both of subnet_id and ip_address or '
'specify one of them as well. '
'You can repeat this option.'))
return parser
def get_parser(self, prog_name):
parser = super(SetGatewayRouter, self).get_parser(prog_name)
parser.add_argument('router',
metavar='ROUTER',
help=_('ID or name of the router.'))
parser.add_argument(
'external_network',
metavar='EXTERNAL-NETWORK',
help=_('ID or name of the external network for the gateway.'))
parser.add_argument(
'--disable-snat',
action='store_true',
help=_('Disable source NAT on the router gateway.'))
parser.add_argument(
'--fixed-ip',
metavar='subnet_id=SUBNET,ip_address=IP_ADDR',
action='append',
type=utils.str2dict_type(
optional_keys=['subnet_id', 'ip_address']),
help=_('Desired IP and/or subnet on external network: '
'subnet_id=<name_or_id>,ip_address=<ip>. '
'You can specify both of subnet_id and ip_address or '
'specify one of them as well. '
'You can repeat this option.'))
return parser
def add_common_args(parser, is_create=True):
parser.add_argument(
'--auth-algorithm',
default='sha1' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
help=_('Authentication algorithm for IPsec policy, default:sha1.'))
parser.add_argument('--description',
help=_('Description of the IPsec policy.'))
parser.add_argument(
'--encapsulation-mode',
default='tunnel' if is_create else argparse.SUPPRESS,
choices=['tunnel', 'transport'],
type=utils.convert_to_lowercase,
help=_('Encapsulation mode for IPsec policy, default:tunnel.'))
parser.add_argument(
'--encryption-algorithm',
default='aes-128' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
help=_('Encryption algorithm for IPsec policy, default:aes-128.'))
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IPsec"))
parser.add_argument(
'--pfs',
default='group5' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
help=_('Perfect Forward Secrecy for IPsec policy, default:group5.'))
parser.add_argument(
'--transform-protocol',
default='esp' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
choices=['esp', 'ah', 'ah-esp'],
help=_('Transform protocol for IPsec policy, default:esp.'))
def add_common_args(parser, is_create=True):
parser.add_argument('--description',
help=_('Description of the IKE policy.'))
parser.add_argument('--auth-algorithm',
type=utils.convert_to_lowercase,
default='sha1' if is_create else argparse.SUPPRESS,
help=_('Authentication algorithm, default:sha1.'))
parser.add_argument('--encryption-algorithm',
default='aes-128' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
help=_('Encryption algorithm, default:aes-128.'))
parser.add_argument('--phase1-negotiation-mode',
default='main' if is_create else argparse.SUPPRESS,
choices=['main'],
type=utils.convert_to_lowercase,
help=_('IKE Phase1 negotiation mode, default:main.'))
parser.add_argument('--ike-version',
default='v1' if is_create else argparse.SUPPRESS,
choices=['v1', 'v2'],
type=utils.convert_to_lowercase,
help=_('IKE version for the policy, default:v1.'))
parser.add_argument('--pfs',
default='group5' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
help=_('Perfect Forward Secrecy, default:group5.'))
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IKE"))
def _get_common_parser(parser):
parser.add_argument(
'--description',
metavar='<description>',
help=_('Description of the IPsec policy'))
parser.add_argument(
'--auth-algorithm',
choices=['sha1', 'sha256', 'sha384', 'sha512'],
type=_convert_to_lowercase,
help=_('Authentication algorithm for IPsec policy'))
parser.add_argument(
'--encapsulation-mode',
choices=['tunnel', 'transport'],
type=_convert_to_lowercase,
help=_('Encapsulation mode for IPsec policy'))
parser.add_argument(
'--encryption-algorithm',
choices=['3des', 'aes-128', 'aes-192', 'aes-256'],
type=_convert_to_lowercase,
help=_('Encryption algorithm for IPsec policy'))
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=nc_utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IPsec"))
parser.add_argument(
'--pfs',
choices=['group2', 'group5', 'group14'],
type=_convert_to_lowercase,
help=_('Perfect Forward Secrecy for IPsec policy'))
parser.add_argument(
'--transform-protocol',
type=_convert_to_lowercase,
choices=['esp', 'ah', 'ah-esp'],
help=_('Transform protocol for IPsec policy'))
def add_known_arguments(self, parser):
parser.add_argument('--name', help=_('Name of this router.'))
parser.add_argument('--description', help=_('Description of router.'))
utils.add_boolean_argument(
parser,
'--admin-state-up',
dest='admin_state',
help=_('Specify the administrative state of the router'
' (True meaning "Up")'))
utils.add_boolean_argument(parser,
'--admin_state_up',
dest='admin_state',
help=argparse.SUPPRESS)
utils.add_boolean_argument(
parser,
'--distributed',
dest='distributed',
help=_('True means this router should operate in'
' distributed mode.'))
routes_group = parser.add_mutually_exclusive_group()
routes_group.add_argument(
'--route',
metavar='destination=CIDR,nexthop=IP_ADDR',
action='append',
dest='routes',
type=utils.str2dict_type(required_keys=['destination', 'nexthop']),
help=_('Route to associate with the router.'
' You can repeat this option.'))
routes_group.add_argument(
'--no-routes',
action='store_true',
help=_('Remove routes associated with the router.'))
portfwds_group = parser.add_mutually_exclusive_group()
portfwds_group.add_argument(
'--portforwarding',
metavar=
'inside_addr=IP_ADDR,protocol=PROTOCOL,outside_port=PORT,inside_port=PORT',
action='append',
dest='portforwardings',
type=utils.str2dict_type(required_keys=[
'inside_addr', 'protocol', 'outside_port', 'inside_port'
]),
help=_('Port-forwardings to associate with the router.'))
portfwds_group.add_argument(
'--no-portforwardings',
action='store_true',
help=_('Remove portforwardings associated with the router.'))
def add_known_arguments(self, parser):
parser.add_argument('name',
metavar='NAME',
help=_('Name of the Port Pair Group.'))
add_common_arguments(parser)
parser.add_argument(
'--port-pair-group-parameters',
metavar='[lb_fields=LB_FIELDS]',
type=utils.str2dict_type(optional_keys=['lb_fields']),
help=_('Dictionary of Port pair group parameters. '
'Currently, only \'&\' separated string of the lb_fields '
'are supported.'))
def _get_common_parser(parser, is_create=True):
parser.add_argument(
'--description',
metavar='<description>',
help=_('Description for the connection'))
parser.add_argument(
'--dpd',
metavar="action=ACTION,interval=INTERVAL,timeout=TIMEOUT",
type=nc_utils.str2dict_type(
optional_keys=['action', 'interval', 'timeout']),
help=vpn_utils.dpd_help("IPsec connection"))
parser.add_argument(
'--mtu',
help=_('MTU size for the connection'))
parser.add_argument(
'--initiator',
choices=['bi-directional', 'response-only'],
type=_convert_to_lowercase,
help=_('Initiator state'))
peer_group = parser.add_mutually_exclusive_group()
peer_group.add_argument(
'--peer-cidr',
dest='peer_cidrs',
help=_('Remote subnet(s) in CIDR format. '
'Cannot be specified when using endpoint groups. Only '
'applicable, if subnet provided for VPN service.')
)
peer_group.add_argument(
'--local-endpoint-group',
help=_('Local endpoint group (name or ID) with subnet(s) '
'for IPsec connection')
)
parser.add_argument(
'--peer-endpoint-group',
help=_('Peer endpoint group (name or ID) with CIDR(s) for '
'IPSec connection'))
admin_group = parser.add_mutually_exclusive_group()
admin_group.add_argument(
'--enable',
action='store_true',
help=_("Enable IPSec site connection")
)
admin_group.add_argument(
'--disable',
action='store_true',
help=_("Disable IPSec site connection")
)
parser.add_argument(
'--local-id',
help=_('An ID to be used instead of the external IP '
'address for a virtual router'))
return parser
def add_arguments_extradhcpopt(self, parser):
group_sg = parser.add_mutually_exclusive_group()
group_sg.add_argument(
'--extra-dhcp-opt',
default=[],
action='append',
dest='extra_dhcp_opts',
type=utils.str2dict_type(required_keys=['opt_name'],
optional_keys=['opt_value',
'ip_version']),
help=_('Extra dhcp options to be assigned to this port: '
'opt_name=<dhcp_option_name>,opt_value=<value>,'
'ip_version={4,6}. You can repeat this option.'))
def add_known_arguments(self, parser):
utils.add_boolean_argument(parser,
'--admin-state-up',
help=_('Update the administrative state of '
'the pool (True meaning "Up").'))
parser.add_argument(
'--session-persistence',
metavar='type=TYPE[,cookie_name=COOKIE_NAME]',
type=utils.str2dict_type(required_keys=['type'],
optional_keys=['cookie_name']),
help=_('The type of session persistence to use and associated '
'cookie name.'))
_add_common_args(parser)
def add_physnet_argument(parser):
parser.add_argument(
'--physnet', metavar='physnet_name=PHYSNET,'
'segmentation_id=SEGMENTATIONID,'
'segmentation_type=SEGMENTATIONTYPE',
action='append',
type=neutron_utils.str2dict_type(
required_keys=['physnet_name', 'segmentation_id',
'segmentation_type']),
help=_('Desired physnet and segmentation id for this l2bridge: '
'physnet_name=<name>,segmentation_id=<segmentation_id>, '
'segmentation_type=<segmentation_type>. '
'You can repeat this option.'))
def add_arguments_extradhcpopt(self, parser):
group_sg = parser.add_mutually_exclusive_group()
group_sg.add_argument(
'--extra-dhcp-opt',
default=[],
action='append',
dest='extra_dhcp_opts',
type=utils.str2dict_type(
required_keys=['opt_name'],
optional_keys=['opt_value', 'ip_version']),
help=_('Extra dhcp options to be assigned to this port: '
'opt_name=<dhcp_option_name>,opt_value=<value>,'
'ip_version={4,6}. You can repeat this option.'))
def add_known_arguments(self, parser):
parser.add_argument(
'--name',
help=_('Name of this router.'))
parser.add_argument(
'--description',
help=_('Description of router.'))
utils.add_boolean_argument(
parser, '--admin-state-up', dest='admin_state',
help=_('Specify the administrative state of the router'
' (True meaning "Up")'))
utils.add_boolean_argument(
parser, '--admin_state_up', dest='admin_state',
help=argparse.SUPPRESS)
utils.add_boolean_argument(
parser, '--distributed', dest='distributed',
help=_('True means this router should operate in'
' distributed mode.'))
routes_group = parser.add_mutually_exclusive_group()
routes_group.add_argument(
'--route', metavar='destination=CIDR,nexthop=IP_ADDR',
action='append', dest='routes',
type=utils.str2dict_type(required_keys=['destination', 'nexthop']),
help=_('Route to associate with the router.'
' You can repeat this option.'))
routes_group.add_argument(
'--no-routes',
action='store_true',
help=_('Remove routes associated with the router.'))
portfwds_group = parser.add_mutually_exclusive_group()
portfwds_group.add_argument(
'--portforwarding', metavar='inside_addr=IP_ADDR,protocol=PROTOCOL,outside_port=PORT,inside_port=PORT',
action='append', dest='portforwardings',
type=utils.str2dict_type(required_keys=['inside_addr', 'protocol', 'outside_port', 'inside_port']),
help=_('Port-forwardings to associate with the router.'))
portfwds_group.add_argument(
'--no-portforwardings',
action='store_true',
help=_('Remove portforwardings associated with the router.'))
def add_known_arguments(self, parser):
utils.add_boolean_argument(
parser, '--admin-state-up',
help=_('Update the administrative state of '
'the pool (True meaning "Up").'))
parser.add_argument(
'--session-persistence',
metavar='type=TYPE[,cookie_name=COOKIE_NAME]',
type=utils.str2dict_type(required_keys=['type'],
optional_keys=['cookie_name']),
help=_('The type of session persistence to use and associated '
'cookie name.'))
_add_common_args(parser)
def add_known_arguments(self, parser):
parser.add_argument(
'name',
metavar='NAME',
help=_('Name of the Port Pair Group.'))
add_common_arguments(parser)
parser.add_argument(
'--port-pair-group-parameters',
metavar='[lb_fields=LB_FIELDS]',
type=utils.str2dict_type(optional_keys=['lb_fields']),
help=_('Dictionary of Port pair group parameters. '
'Currently, only \'&\' separated string of the lb_fields '
'are supported.'))
def add_known_arguments(self, parser, is_create=True):
parser.add_argument(
'--name',
help=_('Set friendly name for the connection.'))
parser.add_argument(
'--description',
help=_('Set a description for the connection.'))
parser.add_argument(
'--dpd',
metavar="action=ACTION,interval=INTERVAL,timeout=TIMEOUT",
type=utils.str2dict_type(
optional_keys=['action', 'interval', 'timeout']),
help=vpn_utils.dpd_help("IPsec connection."))
parser.add_argument(
'--local-ep-group',
help=_('Local endpoint group ID/name with subnet(s) for '
'IPSec connection.'))
parser.add_argument(
'--peer-ep-group',
help=_('Peer endpoint group ID/name with CIDR(s) for '
'IPSec connection.'))
parser.add_argument(
'--peer-cidr',
action='append', dest='peer_cidrs',
help=_('[DEPRECATED in Mitaka] Remote subnet(s) in CIDR format. '
'Cannot be specified when using endpoint groups. Only '
'applicable, if subnet provided for VPN service.'))
parser.add_argument(
'--peer-id',
required=is_create,
help=_('Peer router identity for authentication. Can be '
'IPv4/IPv6 address, e-mail address, key id, or FQDN.'))
parser.add_argument(
'--peer-address',
required=is_create,
help=_('Peer gateway public IPv4/IPv6 address or FQDN.'))
parser.add_argument(
'--psk',
required=is_create,
help=_('Pre-shared key string.'))
parser.add_argument(
'--mtu',
default='1500' if is_create else argparse.SUPPRESS,
help=_('MTU size for the connection, default:1500.'))
parser.add_argument(
'--initiator',
default='bi-directional' if is_create else argparse.SUPPRESS,
choices=['bi-directional', 'response-only'],
help=_('Initiator state in lowercase, default:bi-directional'))
def add_known_arguments(self, parser):
parser.add_argument(
'--dpd',
metavar="action=ACTION,interval=INTERVAL,timeout=TIMEOUT",
type=utils.str2dict_type(
optional_keys=['action', 'interval', 'timeout']),
help=vpn_utils.dpd_help("IPsec connection."))
parser.add_argument(
'--local-ep-group',
help=_('Local endpoint group ID/name with subnet(s) for '
'IPSec connection.'))
parser.add_argument(
'--peer-ep-group',
help=_('Peer endpoint group ID/name with CIDR(s) for '
'IPsec connection.'))
def add_known_arguments(self, parser):
parser.add_argument(
'--dpd',
metavar="action=ACTION,interval=INTERVAL,timeout=TIMEOUT",
type=utils.str2dict_type(
optional_keys=['action', 'interval', 'timeout']),
help=vpn_utils.dpd_help("IPsec connection."))
parser.add_argument(
'--local-ep-group',
help=_('Local endpoint group ID/name with subnet(s) for '
'the IPsec connection.'))
parser.add_argument('--peer-ep-group',
help=_(
'Peer endpoint group ID/name with CIDR(s) for '
'the IPsec connection.'))
def add_arguments_allowedaddresspairs(self, parser):
group_aap = parser.add_mutually_exclusive_group()
group_aap.add_argument(
'--allowed-address-pair',
metavar='ip_address=IP_ADDR[,mac_address=MAC_ADDR]',
default=[],
action='append',
dest='allowed_address_pairs',
type=utils.str2dict_type(required_keys=['ip_address'],
optional_keys=['mac_address']),
help=_('Allowed address pair associated with the port. '
'You can repeat this option.'))
group_aap.add_argument(
'--no-allowed-address-pairs',
action='store_true',
help=_('Associate no allowed address pairs with the port.'))
def add_known_arguments(self, parser, is_create=True):
parser.add_argument('--name',
help=_('Set friendly name for the connection.'))
parser.add_argument('--description',
help=_('Set a description for the connection.'))
parser.add_argument(
'--dpd',
metavar="action=ACTION,interval=INTERVAL,timeout=TIMEOUT",
type=utils.str2dict_type(
optional_keys=['action', 'interval', 'timeout']),
help=vpn_utils.dpd_help("IPsec connection."))
parser.add_argument(
'--local-ep-group',
help=_('Local endpoint group ID/name with subnet(s) for '
'IPSec connection.'))
parser.add_argument('--peer-ep-group',
help=_(
'Peer endpoint group ID/name with CIDR(s) for '
'IPSec connection.'))
parser.add_argument(
'--peer-cidr',
action='append',
dest='peer_cidrs',
help=_('[DEPRECATED in Mitaka] Remote subnet(s) in CIDR format. '
'Cannot be specified when using endpoint groups. Only '
'applicable, if subnet provided for VPN service.'))
parser.add_argument(
'--peer-id',
required=is_create,
help=_('Peer router identity for authentication. Can be '
'IPv4/IPv6 address, e-mail address, key id, or FQDN.'))
parser.add_argument(
'--peer-address',
required=is_create,
help=_('Peer gateway public IPv4/IPv6 address or FQDN.'))
parser.add_argument('--psk',
required=is_create,
help=_('Pre-shared key string.'))
parser.add_argument(
'--mtu',
default='1500' if is_create else argparse.SUPPRESS,
help=_('MTU size for the connection, default:1500.'))
parser.add_argument(
'--initiator',
default='bi-directional' if is_create else argparse.SUPPRESS,
choices=['bi-directional', 'response-only'],
help=_('Initiator state in lowercase, default:bi-directional'))
def add_arguments_allowedaddresspairs(self, parser):
group_aap = parser.add_mutually_exclusive_group()
group_aap.add_argument(
'--allowed-address-pair',
metavar='ip_address=IP_ADDR[,mac_address=MAC_ADDR]',
default=[],
action='append',
dest='allowed_address_pairs',
type=utils.str2dict_type(
required_keys=['ip_address'],
optional_keys=['mac_address']),
help=_('Allowed address pair associated with the port. '
'You can repeat this option.'))
group_aap.add_argument(
'--no-allowed-address-pairs',
action='store_true',
help=_('Associate no allowed address pairs with the port.'))
def add_known_arguments(self, parser):
parser.add_argument('--name',
metavar='name',
help=_('Name of the Nuage L2Bridge.'))
parser.add_argument(
'--physnet',
metavar='physnet_name=PHYSNET,'
'segmentation_id=SEGMENTATIONID,'
'segmentation_type=SEGMENTATIONTYPE',
action='append',
type=utils.str2dict_type(required_keys=[
'physnet_name', 'segmentation_id', 'segmentation_type'
]),
help=_('Desired physnet and segmentation id for this l2bridge: '
'physnet_name=<name>,segmentation_id=<segmentation_id>, '
'segmentation_type=<segmentation_type>. '
'You can repeat this option.'))
return parser
def add_known_arguments(self, parser):
parser.add_argument('name',
metavar='NAME',
help=_('Name of the Port Pair Group.'))
add_common_arguments(parser)
parser.add_argument(
'--port-pair-group-parameters',
metavar='[lb_fields=LB_FIELDS, ppg_n_tuple_mapping=TUPLE_VALUES]',
type=utils.str2dict_type(
optional_keys=['lb_fields', 'ppg_n_tuple_mapping']),
help=_('Dictionary of Port pair group parameters. '
'Currently, only \'&\' separated string of the lb_fields '
'and ppg_n_tuple_mapping are supported. For '
'ppg_n_tuple_mapping the supported command is '
'\'key=value\' separated by \'&\'. Support '
'ppg_n_tuple_mapping keys are: source_ip_prefix_ingress, '
'source_ip_prefix_egress, destination_ip_prefix_ingress, '
'destination_ip_prefix_egress, source_port_ingress, '
'source_port_egress, destination_port_ingress, '
'destination_port_egress.'))
def add_known_arguments(self, parser):
utils.add_boolean_argument(parser,
'--admin-state-up',
help=_('Update the administrative state of '
'the pool (True meaning "Up").'))
session_group = parser.add_mutually_exclusive_group()
session_group.add_argument(
'--session-persistence',
metavar=
'type=TYPE[,persistence_timeout=TIMEOUT,cookie_name=COOKIE_NAME]',
type=utils.str2dict_type(
required_keys=['type'],
optional_keys=['persistence_timeout', 'cookie_name']),
help=_('The type of session persistence to use and associated '
'cookie name.'))
session_group.add_argument(
'--no-session-persistence',
action='store_true',
help=_('Clear session persistence for the pool.'))
_add_common_args(parser, False)
def _get_common_parser(parser, is_create=True):
parser.add_argument('--description',
metavar='<description>',
help=_('Description for the connection'))
parser.add_argument(
'--dpd',
metavar="action=ACTION,interval=INTERVAL,timeout=TIMEOUT",
type=nc_utils.str2dict_type(
optional_keys=['action', 'interval', 'timeout']),
help=vpn_utils.dpd_help("IPsec connection"))
parser.add_argument('--mtu', help=_('MTU size for the connection'))
parser.add_argument('--initiator',
choices=['bi-directional', 'response-only'],
type=_convert_to_lowercase,
help=_('Initiator state'))
peer_group = parser.add_mutually_exclusive_group()
peer_group.add_argument(
'--peer-cidr',
dest='peer_cidrs',
help=_('Remote subnet(s) in CIDR format. '
'Cannot be specified when using endpoint groups. Only '
'applicable, if subnet provided for VPN service.'))
peer_group.add_argument(
'--local-endpoint-group',
help=_('Local endpoint group (name or ID) with subnet(s) '
'for IPsec connection'))
parser.add_argument(
'--peer-endpoint-group',
help=_('Peer endpoint group (name or ID) with CIDR(s) for '
'IPSec connection'))
admin_group = parser.add_mutually_exclusive_group()
admin_group.add_argument('--enable',
action='store_true',
help=_("Enable IPSec site connection"))
admin_group.add_argument('--disable',
action='store_true',
help=_("Disable IPSec site connection"))
parser.add_argument('--local-id',
help=_('An ID to be used instead of the external IP '
'address for a virtual router'))
return parser
def add_known_arguments(self, parser):
parser.add_argument(
'--admin-state-down',
dest='admin_state', action='store_false',
help=_('Set admin state up to false.'))
parser.add_argument(
'--description',
help=_('Description of the pool.'))
parser.add_argument(
'--session-persistence',
metavar='type=TYPE[,cookie_name=COOKIE_NAME]',
type=utils.str2dict_type(required_keys=['type'],
optional_keys=['cookie_name']),
help=_('The type of session persistence to use and associated '
'cookie name'))
parser.add_argument(
'--name', help=_('The name of the pool.'))
parser.add_argument(
'--listener',
help=_('Listener whose default-pool should be set to this pool. '
'At least one of --listener or --loadbalancer must be '
'specified.'))
parser.add_argument(
'--loadbalancer',
help=_('Loadbalancer with which this pool should be associated. '
'At least one of --listener or --loadbalancer must be '
'specified.'))
parser.add_argument(
'--lb-algorithm',
required=True,
choices=['ROUND_ROBIN', 'LEAST_CONNECTIONS', 'SOURCE_IP'],
help=_('The algorithm used to distribute load between the members '
'of the pool.'))
parser.add_argument(
'--protocol',
required=True,
choices=['HTTP', 'HTTPS', 'TCP'],
type=utils.convert_to_uppercase,
help=_('Protocol for balancing.'))
def get_parser(self, prog_name):
parser = super(CreatePortPairGroup, self).get_parser(prog_name)
parser.add_argument('name',
metavar='NAME',
help=_('Name of the Port Pair Group.'))
parser.add_argument('--description',
help=_('Description for the Port Pair Group.'))
parser.add_argument('--port-pair',
metavar='PORT-PAIR',
dest='port_pairs',
default=[],
action='append',
help=_('ID or name of the Port Pair.'
'This option can be repeated.'))
parser.add_argument(
'--port-pair-group-parameters',
metavar='[lb_fields=LB_FIELDS]',
type=nc_utils.str2dict_type(optional_keys=['lb_fields']),
help=_('Dictionary of Port pair group parameters. '
'Currently, only \'&\' separated string of the lb_fields '
'are supported.'))
return parser
def add_known_arguments(self, parser):
parser.add_argument('name',
metavar='NAME',
help=_('Name of the Port Pair.'))
parser.add_argument('--description',
help=_('Description for the Port Pair.'))
parser.add_argument('--ingress',
required=True,
help=_('ID or name of the ingress neutron port.'))
parser.add_argument('--egress',
required=True,
help=_('ID or name of the egress neutron port.'))
parser.add_argument(
'--service-function-parameters',
metavar='[correlation=CORRELATION_TYPE, weight=WEIGHT]',
type=utils.str2dict_type(optional_keys=['correlation', 'weight']),
help=_('Dictionary of Service function parameters. '
'Currently, only correlation=None|nsh and weight '
'is supported. Default correlation is None. Weight is '
'an integer that influences the selection'
'of a port pair within a port pair group '
'for a flow. The higher the weight, the more flows will '
'hash to the port pair. The default weight is 1.'))
def add_common_args(parser, is_create=True):
parser.add_argument(
'--auth-algorithm',
default='sha1' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
choices=['sha1', 'sha256', 'sha384', 'sha512'],
help=_('Authentication algorithm for IPsec policy, default:sha1.'))
parser.add_argument(
'--description',
help=_('Description of the IPsec policy.'))
parser.add_argument(
'--encapsulation-mode',
default='tunnel' if is_create else argparse.SUPPRESS,
choices=['tunnel', 'transport'],
type=utils.convert_to_lowercase,
help=_('Encapsulation mode for IPsec policy, default:tunnel.'))
parser.add_argument(
'--encryption-algorithm',
default='aes-128' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
help=_('Encryption algorithm for IPsec policy, default:aes-128.'))
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IPsec"))
parser.add_argument(
'--pfs',
default='group5' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
help=_('Perfect Forward Secrecy for IPsec policy, default:group5.'))
parser.add_argument(
'--transform-protocol',
default='esp' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
choices=['esp', 'ah', 'ah-esp'],
help=_('Transform protocol for IPsec policy, default:esp.'))
def add_common_args(parser, is_create=True):
parser.add_argument(
'--description',
help=_('Description of the IKE policy.'))
parser.add_argument(
'--auth-algorithm',
type=utils.convert_to_lowercase,
default='sha1' if is_create else argparse.SUPPRESS,
choices=['sha1', 'sha256', 'sha384', 'sha512'],
help=_('Authentication algorithm, default:sha1.'))
parser.add_argument(
'--encryption-algorithm',
default='aes-128' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
help=_('Encryption algorithm, default:aes-128.'))
parser.add_argument(
'--phase1-negotiation-mode',
default='main' if is_create else argparse.SUPPRESS,
choices=['main'],
type=utils.convert_to_lowercase,
help=_('IKE Phase1 negotiation mode, default:main.'))
parser.add_argument(
'--ike-version',
default='v1' if is_create else argparse.SUPPRESS,
choices=['v1', 'v2'],
type=utils.convert_to_lowercase,
help=_('IKE version for the policy, default:v1.'))
parser.add_argument(
'--pfs',
default='group5' if is_create else argparse.SUPPRESS,
type=utils.convert_to_lowercase,
help=_('Perfect Forward Secrecy, default:group5.'))
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IKE"))
def _get_common_parser(parser):
parser.add_argument(
'--description',
metavar='<description>',
help=_('Description of the IKE policy'))
parser.add_argument(
'--auth-algorithm',
choices=['sha1', 'sha256', 'sha384', 'sha512'],
type=_convert_to_lowercase,
help=_('Authentication algorithm'))
parser.add_argument(
'--encryption-algorithm',
choices=['aes-128', '3des', 'aes-192', 'aes-256'],
type=_convert_to_lowercase,
help=_('Encryption algorithm'))
parser.add_argument(
'--phase1-negotiation-mode',
choices=['main'],
type=_convert_to_lowercase,
help=_('IKE Phase1 negotiation mode'))
parser.add_argument(
'--ike-version',
choices=['v1', 'v2'],
type=_convert_to_lowercase,
help=_('IKE version for the policy'))
parser.add_argument(
'--pfs',
choices=['group5', 'group2', 'group14'],
type=_convert_to_lowercase,
help=_('Perfect Forward Secrecy'))
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=nc_utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IKE"))
return parser
def add_known_arguments(self, parser):
parser.add_argument('--admin-state-down',
dest='admin_state',
action='store_false',
help=_('Set admin state up to false.'))
parser.add_argument('--description',
help=_('Description of the pool.'))
parser.add_argument(
'--session-persistence',
metavar='type=TYPE[,cookie_name=COOKIE_NAME]',
type=utils.str2dict_type(required_keys=['type'],
optional_keys=['cookie_name']),
help=_('The type of session persistence to use and associated '
'cookie name'))
parser.add_argument('--name', help=_('The name of the pool.'))
parser.add_argument(
'--listener',
help=_('Listener whose default-pool should be set to this pool. '
'At least one of --listener or --loadbalancer must be '
'specified.'))
parser.add_argument(
'--loadbalancer',
help=_('Loadbalancer with which this pool should be associated. '
'At least one of --listener or --loadbalancer must be '
'specified.'))
parser.add_argument(
'--lb-algorithm',
required=True,
choices=['ROUND_ROBIN', 'LEAST_CONNECTIONS', 'SOURCE_IP'],
help=_('The algorithm used to distribute load between the members '
'of the pool.'))
parser.add_argument('--protocol',
required=True,
choices=['HTTP', 'HTTPS', 'TCP'],
type=utils.convert_to_uppercase,
help=_('Protocol for balancing.'))
def add_known_arguments(self, parser):
parser.add_argument(
'--lifetime',
metavar="units=UNITS,value=VALUE",
type=utils.str2dict_type(optional_keys=['units', 'value']),
help=vpn_utils.lifetime_help("IKE"))
