A resource for VPN service in Neutron.
"""
- properties_schema = {'name': {'Type': 'String'},
- 'description': {'Type': 'String'},
- 'admin_state_up': {'Type': 'Boolean',
- 'Default': True},
- 'subnet_id': {'Type': 'String',
- 'Required': True},
- 'router_id': {'Type': 'String',
- 'Required': True}}
+ properties_schema = {
+ 'name': {
+ 'Type': 'String',
+ 'Description': _('Name for the vpn service.')
+ },
+ 'description': {
+ 'Type': 'String',
+ 'Description': _('Description for the vpn service.')
+ },
+ 'admin_state_up': {
+ 'Type': 'Boolean',
+ 'Default': True,
+ 'Description': _('Administrative state for the vpn service.')
+ },
+ 'subnet_id': {
+ 'Type': 'String',
+ 'Required': True,
+ 'Description': _('Unique identifier for the subnet in which the '
+ 'vpn service will be created.')
+ },
+ 'router_id': {
+ 'Type': 'String',
+ 'Required': True,
+ 'Description': _('Unique identifier for the router to which the '
+ 'vpn service will be inserted.')
+ }
+ }
attributes_schema = {
- 'admin_state_up': 'the administrative state of the vpn service',
- 'description': 'description of the vpn service',
- 'id': 'unique identifier for the vpn service',
- 'name': 'name for the vpn service',
- 'router_id': 'unique identifier for router used to create the vpn'
- ' service',
- 'status': 'the status of the vpn service',
- 'subnet_id': 'unique identifier for subnet used to create the vpn'
- ' service',
- 'tenant_id': 'tenant owning the vpn service'
+ 'admin_state_up': _('The administrative state of the vpn service.'),
+ 'description': _('The description of the vpn service.'),
+ 'id': _('The unique identifier of the vpn service.'),
+ 'name': _('The name of the vpn service.'),
+ 'router_id': _('The unique identifier of the router to which the vpn '
+ 'service was inserted.'),
+ 'status': _('The status of the vpn service.'),
+ 'subnet_id': _('The unique identifier of the subnet in which the vpn '
+ 'service was created.'),
+ 'tenant_id': _('The unique identifier of the tenant owning the vpn '
+ 'service.')
}
update_allowed_keys = ('Properties',)
"""
dpd_schema = {
- 'actions': {'Type': 'String',
- 'AllowedValues': ['clear',
- 'disabled',
- 'hold',
- 'restart',
- 'restart-by-peer'],
- 'Default': 'hold'},
- 'interval': {'Type': 'Integer',
- 'Default': 30},
- 'timeout': {'Type': 'Integer',
- 'Default': 120},
+ 'actions': {
+ 'Type': 'String',
+ 'AllowedValues': ['clear', 'disabled', 'hold', 'restart',
+ 'restart-by-peer'],
+ 'Default': 'hold',
+ 'Description': _('Controls DPD protocol mode.')
+ },
+ 'interval': {
+ 'Type': 'Integer',
+ 'Default': 30,
+ 'Description': _('Number of seconds for the DPD delay.')
+ },
+ 'timeout': {
+ 'Type': 'Integer',
+ 'Default': 120,
+ 'Description': _('Number of seconds for the DPD timeout.')
+ },
}
- properties_schema = {'name': {'Type': 'String'},
- 'description': {'Type': 'String'},
- 'peer_address': {'Type': 'String',
- 'Required': True},
- 'peer_id': {'Type': 'String',
- 'Required': True},
- 'peer_cidrs': {'Type': 'List',
- 'Required': True},
- 'mtu': {'Type': 'Integer',
- 'Default': 1500},
- 'dpd': {'Type': 'Map', 'Schema': dpd_schema},
- 'psk': {'Type': 'String',
- 'Required': True},
- 'initiator': {'Type': 'String',
- 'AllowedValues': ['bi-directional',
- 'response-only'],
- 'Default': 'bi-directional'},
- 'admin_state_up': {'Type': 'Boolean',
- 'Default': True},
- 'ikepolicy_id': {'Type': 'String',
- 'Required': True},
- 'ipsecpolicy_id': {'Type': 'String',
- 'Required': True},
- 'vpnservice_id': {'Type': 'String',
- 'Required': True}}
+ properties_schema = {
+ 'name': {
+ 'Type': 'String',
+ 'Description': _('Name for the ipsec site connection.')
+ },
+ 'description': {
+ 'Type': 'String',
+ 'Description': _('Description for the ipsec site connection.')
+ },
+ 'peer_address': {
+ 'Type': 'String',
+ 'Required': True,
+ 'Description': _('Remote branch router public IPv4 address or '
+ 'IPv6 address or FQDN.')
+ },
+ 'peer_id': {
+ 'Type': 'String',
+ 'Required': True,
+ 'Description': _('Remote branch router identity.')
+ },
+ 'peer_cidrs': {
+ 'Type': 'List',
+ 'Required': True,
+ 'Description': _('Remote subnet(s) in CIDR format.')
+ },
+ 'mtu': {
+ 'Type': 'Integer',
+ 'Default': 1500,
+ 'Description': _('Maximum transmission unit size (in bytes) for '
+ 'the ipsec site connection.')
+ },
+ 'dpd': {
+ 'Type': 'Map',
+ 'Schema': dpd_schema,
+ 'Description': _('Dead Peer Detection protocol configuration for '
+ 'the ipsec site connection.')
+ },
+ 'psk': {
+ 'Type': 'String',
+ 'Required': True,
+ 'Description': _('Pre-shared key string for the ipsec site '
+ 'connection.')
+ },
+ 'initiator': {
+ 'Type': 'String',
+ 'AllowedValues': ['bi-directional', 'response-only'],
+ 'Default': 'bi-directional',
+ 'Description': _('Initiator state in lowercase for the ipsec site '
+ 'connection.')
+ },
+ 'admin_state_up': {
+ 'Type': 'Boolean',
+ 'Default': True,
+ 'Description': _('Administrative state for the ipsec site '
+ 'connection.')
+ },
+ 'ikepolicy_id': {
+ 'Type': 'String',
+ 'Required': True,
+ 'Description': _('Unique identifier for the ike policy associated '
+ 'with the ipsec site connection.')
+ },
+ 'ipsecpolicy_id': {
+ 'Type': 'String',
+ 'Required': True,
+ 'Description': _('Unique identifier for the ipsec policy '
+ 'associated with the ipsec site connection.')
+ },
+ 'vpnservice_id': {
+ 'Type': 'String',
+ 'Required': True,
+ 'Description': _('Unique identifier for the vpn service '
+ 'associated with the ipsec site connection.')
+ }
+ }
attributes_schema = {
- 'admin_state_up': 'the administrative state of the ipsec site'
- ' connection',
- 'auth_mode': 'authentication mode used by the ipsec site connection',
- 'description': 'description of the ipsec site connection',
- 'dpd': 'configuration of dead peer detection protocol',
- 'id': 'unique identifier for the ipsec site connection',
- 'ikepolicy_id': 'unique identifier for ike policy used to create the'
- ' ipsec site connection',
- 'initiator': 'initiator of the ipsec site connection',
- 'ipsecpolicy_id': 'unique identifier for ipsec policy used to create'
- ' the ipsec site connection',
- 'mtu': 'maximum transmission unit to address fragmentation',
- 'name': 'name for the ipsec site connection',
- 'peer_address': 'peer vpn gateway public address or FQDN',
- 'peer_cidrs': 'peer private cidrs',
- 'peer_id': 'peer identifier (name, string or FQDN)',
- 'psk': 'pre-shared-key used to create the ipsec site connection',
- 'route_mode': 'route mode used to create the ipsec site connection',
- 'status': 'the status of the ipsec site connection',
- 'tenant_id': 'tenant owning the ipsec site connection',
- 'vpnservice_id': 'unique identifier for vpn service used to create the'
- ' ipsec site connection'
+ 'admin_state_up': _('The administrative state of the ipsec site '
+ 'connection.'),
+ 'auth_mode': _('The authentication mode of the ipsec site '
+ 'connection.'),
+ 'description': _('The description of the ipsec site connection.'),
+ 'dpd': _('The dead peer detection protocol configuration of the ipsec '
+ 'site connection.'),
+ 'id': _('The unique identifier of the ipsec site connection.'),
+ 'ikepolicy_id': _('The unique identifier of ike policy associated '
+ 'with the ipsec site connection.'),
+ 'initiator': _('The initiator of the ipsec site connection.'),
+ 'ipsecpolicy_id': _('The unique identifier of ipsec policy '
+ 'associated with the ipsec site connection.'),
+ 'mtu': _('The maximum transmission unit size (in bytes) of the ipsec '
+ 'site connection.'),
+ 'name': _('The name of the ipsec site connection.'),
+ 'peer_address': _('The remote branch router public IPv4 address or '
+ 'IPv6 address or FQDN.'),
+ 'peer_cidrs': _('The remote subnet(s) in CIDR format of the ipsec '
+ 'site connection.'),
+ 'peer_id': _('The remote branch router identity of the ipsec site '
+ 'connection.'),
+ 'psk': _('The pre-shared key string of the ipsec site connection.'),
+ 'route_mode': _('The route mode of the ipsec site connection.'),
+ 'status': _('The status of the ipsec site connection.'),
+ 'tenant_id': _('The unique identifier of the tenant owning the ipsec '
+ 'site connection.'),
+ 'vpnservice_id': _('The unique identifier of vpn service associated '
+ 'with the ipsec site connection.')
}
update_allowed_keys = ('Properties',)
"""
lifetime_schema = {
- 'units': {'Type': 'String', 'AllowedValues': ['seconds', 'kilobytes'],
- 'Default': 'seconds'},
- 'value': {'Type': 'Integer', 'Default': 3600},
+ 'units': {
+ 'Type': 'String',
+ 'AllowedValues': ['seconds', 'kilobytes'],
+ 'Default': 'seconds',
+ 'Description': _('Safety assessment lifetime units.')
+ },
+ 'value': {
+ 'Type': 'Integer',
+ 'Default': 3600,
+ 'Description': _('Safety assessment lifetime value in specified '
+ 'units.')
+ },
}
- properties_schema = {'name': {'Type': 'String'},
- 'description': {'Type': 'String'},
- 'auth_algorithm': {'Type': 'String',
- 'AllowedValues': ['sha1'],
- 'Default': 'sha1'},
- 'encryption_algorithm': {'Type': 'String',
- 'AllowedValues': ['3des',
- 'aes-128',
- 'aes-192',
- 'aes-256'],
- 'Default': 'aes-128'},
- 'phase1_negotiation_mode': {'Type': 'String',
- 'AllowedValues': ['main'],
- 'Default': 'main'},
- 'lifetime': {'Type': 'Map',
- 'Schema': lifetime_schema},
- 'pfs': {'Type': 'String',
- 'AllowedValues': ['group2', 'group5',
- 'group14'],
- 'Default': 'group5'},
- 'ike_version': {'Type': 'String',
- 'AllowedValues': ['v1', 'v2'],
- 'Default': 'v1'}}
+ properties_schema = {
+ 'name': {
+ 'Type': 'String',
+ 'Description': _('Name for the ike policy.')
+ },
+ 'description': {
+ 'Type': 'String',
+ 'Description': _('Description for the ike policy.')
+ },
+ 'auth_algorithm': {
+ 'Type': 'String',
+ 'AllowedValues': ['sha1'],
+ 'Default': 'sha1',
+ 'Description': _('Authentication hash algorithm for the ike '
+ 'policy.')
+ },
+ 'encryption_algorithm': {
+ 'Type': 'String',
+ 'AllowedValues': ['3des', 'aes-128', 'aes-192', 'aes-256'],
+ 'Default': 'aes-128',
+ 'Description': _('Encryption algorithm for the ike policy.')
+ },
+ 'phase1_negotiation_mode': {
+ 'Type': 'String',
+ 'AllowedValues': ['main'],
+ 'Default': 'main',
+ 'Description': _('Negotiation mode for the ike policy.')
+ },
+ 'lifetime': {
+ 'Type': 'Map',
+ 'Schema': lifetime_schema,
+ 'Description': _('Safety assessment lifetime configuration for '
+ 'the ike policy.')
+ },
+ 'pfs': {
+ 'Type': 'String',
+ 'AllowedValues': ['group2', 'group5', 'group14'],
+ 'Default': 'group5',
+ 'Description': _('Perfect forward secrecy in lowercase for the '
+ 'ike policy.')
+ },
+ 'ike_version': {
+ 'Type': 'String',
+ 'AllowedValues': ['v1', 'v2'],
+ 'Default': 'v1',
+ 'Description': _('Version for the ike policy.')
+ }
+ }
attributes_schema = {
- 'auth_algorithm': 'authentication hash algorithm used by the ike'
- ' policy',
- 'description': 'description of the ike policy',
- 'encryption_algorithm': 'encryption algorithm used by the ike policy',
- 'id': 'unique identifier for the ike policy',
- 'ike_version': 'version of the ike policy',
- 'lifetime': 'configuration of safety assessment lifetime for the ike'
- ' policy',
- 'name': 'name for the ike policy',
- 'pfs': 'perfect forward secrecy for the ike policy',
- 'phase1_negotiation_mode': 'negotiation mode for the ike policy',
- 'tenant_id': 'tenant owning the ike policy',
+ 'auth_algorithm': _('The authentication hash algorithm used by the ike'
+ ' policy.'),
+ 'description': _('The description of the ike policy.'),
+ 'encryption_algorithm': _('The encryption algorithm used by the ike '
+ 'policy.'),
+ 'id': _('The unique identifier for the ike policy.'),
+ 'ike_version': _('The version of the ike policy.'),
+ 'lifetime': _('The safety assessment lifetime configuration for the '
+ 'ike policy.'),
+ 'name': _('The name of the ike policy.'),
+ 'pfs': _('The perfect forward secrecy of the ike policy.'),
+ 'phase1_negotiation_mode': _('The negotiation mode of the ike '
+ 'policy.'),
+ 'tenant_id': _('The unique identifier of the tenant owning the ike '
+ 'policy.'),
}
update_allowed_keys = ('Properties',)
"""
lifetime_schema = {
- 'units': {'Type': 'String', 'AllowedValues': ['seconds', 'kilobytes'],
- 'Default': 'seconds'},
- 'value': {'Type': 'Integer', 'Default': 3600},
+ 'units': {
+ 'Type': 'String',
+ 'AllowedValues': ['seconds', 'kilobytes'],
+ 'Default': 'seconds',
+ 'Description': _('Safety assessment lifetime units.')
+ },
+ 'value': {
+ 'Type': 'Integer',
+ 'Default': 3600,
+ 'Description': _('Safety assessment lifetime value in specified '
+ 'units.')
+ },
}
- properties_schema = {'name': {'Type': 'String'},
- 'description': {'Type': 'String'},
- 'transform_protocol': {'Type': 'String',
- 'AllowedValues': ['esp', 'ah',
- 'ah-esp'],
- 'Default': 'esp'},
- 'encapsulation_mode': {'Type': 'String',
- 'AllowedValues': ['tunnel',
- 'transport'],
- 'Default': 'tunnel'},
- 'auth_algorithm': {'Type': 'String',
- 'AllowedValues': ['sha1'],
- 'Default': 'sha1'},
- 'encryption_algorithm': {'Type': 'String',
- 'AllowedValues': ['3des',
- 'aes-128',
- 'aes-192',
- 'aes-256'],
- 'Default': 'aes-128'},
- 'lifetime': {'Type': 'Map',
- 'Schema': lifetime_schema},
- 'pfs': {'Type': 'String',
- 'AllowedValues': ['group2', 'group5',
- 'group14'],
- 'Default': 'group5'}}
+ properties_schema = {
+ 'name': {
+ 'Type': 'String',
+ 'Description': _('Name for the ipsec policy.')
+ },
+ 'description': {
+ 'Type': 'String',
+ 'Description': _('Description for the ipsec policy.')
+ },
+ 'transform_protocol': {
+ 'Type': 'String',
+ 'AllowedValues': ['esp', 'ah', 'ah-esp'],
+ 'Default': 'esp',
+ 'Description': _('Transform protocol for the ipsec policy.')
+ },
+ 'encapsulation_mode': {
+ 'Type': 'String',
+ 'AllowedValues': ['tunnel', 'transport'],
+ 'Default': 'tunnel',
+ 'Description': _('Encapsulation mode for the ipsec policy.')
+ },
+ 'auth_algorithm': {
+ 'Type': 'String',
+ 'AllowedValues': ['sha1'],
+ 'Default': 'sha1',
+ 'Description': _('Authentication hash algorithm for the ipsec '
+ 'policy.')
+ },
+ 'encryption_algorithm': {
+ 'Type': 'String',
+ 'AllowedValues': ['3des', 'aes-128', 'aes-192', 'aes-256'],
+ 'Default': 'aes-128',
+ 'Description': _('Encryption algorithm for the ipsec policy.')
+ },
+ 'lifetime': {
+ 'Type': 'Map',
+ 'Schema': lifetime_schema,
+ 'Description': _('Safety assessment lifetime configuration for '
+ 'the ipsec policy.')
+ },
+ 'pfs': {
+ 'Type': 'String',
+ 'AllowedValues': ['group2', 'group5', 'group14'],
+ 'Default': 'group5',
+ 'Description': _('Perfect forward secrecy for the ipsec policy.')
+ }
+ }
attributes_schema = {
- 'auth_algorithm': 'authentication hash algorithm used by the ipsec'
- ' policy',
- 'description': 'description of the ipsec policy',
- 'encapsulation_mode': 'encapsulation mode for the ipsec policy',
- 'encryption_algorithm': 'encryption algorithm for the ipsec policy',
- 'id': 'unique identifier for this ipsec policy',
- 'lifetime': 'configuration of safety assessment lifetime for the ipsec'
- ' policy',
- 'name': 'name for the ipsec policy',
- 'pfs': 'perfect forward secrecy for the ipsec policy',
- 'tenant_id': 'tenant owning the ipsec policy',
- 'transform_protocol': 'transform protocol for the ipsec policy'
+ 'auth_algorithm': _('The authentication hash algorithm of the ipsec '
+ 'policy.'),
+ 'description': _('The description of the ipsec policy.'),
+ 'encapsulation_mode': _('The encapsulation mode of the ipsec policy.'),
+ 'encryption_algorithm': _('The encryption algorithm of the ipsec '
+ 'policy.'),
+ 'id': _('The unique identifier of this ipsec policy.'),
+ 'lifetime': _('The safety assessment lifetime configuration of the '
+ 'ipsec policy.'),
+ 'name': _('The name of the ipsec policy.'),
+ 'pfs': _('The perfect forward secrecy of the ipsec policy.'),
+ 'tenant_id': _('The unique identifier of the tenant owning the '
+ 'ipsec policy.'),
+ 'transform_protocol': _('The transform protocol of the ipsec policy.')
}
update_allowed_keys = ('Properties',)
Code Review / openstack-build / heat-build.git / commitdiff