softlayer
diff --git a/‎SoftLayer/CLI/custom_types.py‎
Lines changed: 32 additions & 0 deletions b/‎SoftLayer/CLI/custom_types.py‎
Lines changed: 32 additions & 0 deletions
diff --git a/‎SoftLayer/CLI/routes.py‎
Lines changed: 13 additions & 0 deletions b/‎SoftLayer/CLI/routes.py‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎SoftLayer/CLI/vpn/__init__.py‎
Lines changed: 1 addition & 0 deletions b/‎SoftLayer/CLI/vpn/__init__.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎SoftLayer/CLI/vpn/ipsec/__init__.py‎
Lines changed: 1 addition & 0 deletions b/‎SoftLayer/CLI/vpn/ipsec/__init__.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎SoftLayer/CLI/vpn/ipsec/configure.py‎
Lines changed: 31 additions & 0 deletions b/‎SoftLayer/CLI/vpn/ipsec/configure.py‎
Lines changed: 31 additions & 0 deletions
diff --git a/‎SoftLayer/CLI/vpn/ipsec/detail.py‎
Lines changed: 196 additions & 0 deletions b/‎SoftLayer/CLI/vpn/ipsec/detail.py‎
Lines changed: 196 additions & 0 deletions
diff --git a/‎SoftLayer/CLI/vpn/ipsec/list.py‎
Lines changed: 31 additions & 0 deletions b/‎SoftLayer/CLI/vpn/ipsec/list.py‎
Lines changed: 31 additions & 0 deletions
diff --git a/‎SoftLayer/CLI/vpn/ipsec/subnet/__init__.py‎
Lines changed: 1 addition & 0 deletions b/‎SoftLayer/CLI/vpn/ipsec/subnet/__init__.py‎
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1,32 @@
+"""
+    SoftLayer.CLI.custom_types
+    ~~~~~~~~~~~~~~~~~~~~~~~~
+    Custom type declarations extending click.ParamType
+
+    :license: MIT, see LICENSE for more details.
+"""
+
+import click
+
+
+class NetworkParamType(click.ParamType):
+    """Validates a network parameter type and converts to a tuple.
+
+    todo: Implement to ipaddress.ip_network once the ipaddress backport
+          module can be added as a dependency or is available on all
+          supported python versions.
+    """
+    name = 'network'
+
+    def convert(self, value, param, ctx):
+        try:
+            # Inlined from python standard ipaddress module
+            # https://docs.python.org/3/library/ipaddress.html
+            address = str(value).split('/')
+            if len(address) != 2:
+                raise ValueError("Only one '/' permitted in %r" % value)
+
+            ip_address, cidr = address
+            return (ip_address, int(cidr))
+        except ValueError:
+            self.fail('{} is not a valid network'.format(value), param, ctx)
@@ -123,6 +123,19 @@
     ('image:import', 'SoftLayer.CLI.image.import:cli'),
     ('image:export', 'SoftLayer.CLI.image.export:cli'),
 
+    ('ipsec', 'SoftLayer.CLI.vpn.ipsec'),
+    ('ipsec:configure', 'SoftLayer.CLI.vpn.ipsec.configure:cli'),
+    ('ipsec:detail', 'SoftLayer.CLI.vpn.ipsec.detail:cli'),
+    ('ipsec:list', 'SoftLayer.CLI.vpn.ipsec.list:cli'),
+    ('ipsec:subnet-add', 'SoftLayer.CLI.vpn.ipsec.subnet.add:cli'),
+    ('ipsec:subnet-remove', 'SoftLayer.CLI.vpn.ipsec.subnet.remove:cli'),
+    ('ipsec:translation-add', 'SoftLayer.CLI.vpn.ipsec.translation.add:cli'),
+    ('ipsec:translation-remove',
+     'SoftLayer.CLI.vpn.ipsec.translation.remove:cli'),
+    ('ipsec:translation-update',
+     'SoftLayer.CLI.vpn.ipsec.translation.update:cli'),
+    ('ipsec:update', 'SoftLayer.CLI.vpn.ipsec.update:cli'),
+
     ('loadbal', 'SoftLayer.CLI.loadbal'),
     ('loadbal:cancel', 'SoftLayer.CLI.loadbal.cancel:cli'),
     ('loadbal:create', 'SoftLayer.CLI.loadbal.create:cli'),
 
@@ -0,0 +1 @@
+"""Virtual Private Networks"""
@@ -0,0 +1 @@
+"""IPSEC VPN"""
@@ -0,0 +1,31 @@
+"""Request network configuration of an IPSEC tunnel context."""
+# :license: MIT, see LICENSE for more details.
+
+import click
+
+import SoftLayer
+from SoftLayer.CLI import environment
+from SoftLayer.CLI.exceptions import CLIHalt
+
+
+@click.command()
+@click.argument('context_id', type=int)
+@environment.pass_env
+def cli(env, context_id):
+    """Request configuration of a tunnel context.
+
+    This action will update the advancedConfigurationFlag on the context
+    instance and further modifications against the context will be prevented
+    until all changes can be propgated to network devices.
+    """
+    manager = SoftLayer.IPSECManager(env.client)
+    # ensure context can be retrieved by given id
+    manager.get_tunnel_context(context_id)
+
+    succeeded = manager.apply_configuration(context_id)
+    if succeeded:
+        env.out('Configuration request received for context #{}'
+                .format(context_id))
+    else:
+        raise CLIHalt('Failed to enqueue configuration request for context #{}'
+                      .format(context_id))
@@ -0,0 +1,196 @@
+"""List IPSEC VPN Tunnel Context Details."""
+# :license: MIT, see LICENSE for more details.
+
+import click
+
+import SoftLayer
+from SoftLayer.CLI import environment
+from SoftLayer.CLI import formatting
+
+
+@click.command()
+@click.argument('context_id', type=int)
+@click.option('-i',
+              '--include',
+              default=[],
+              multiple=True,
+              type=click.Choice(['at', 'is', 'rs', 'sr', 'ss']),
+              help='Include additional resources')
+@environment.pass_env
+def cli(env, context_id, include):
+    """List IPSEC VPN tunnel context details.
+
+    Additional resources can be joined using multiple instances of the
+    include option, for which the following choices are available.
+
+    \b
+    at: address translations
+    is: internal subnets
+    rs: remote subnets
+    sr: statically routed subnets
+    ss: service subnets
+    """
+    mask = _get_tunnel_context_mask(('at' in include),
+                                    ('is' in include),
+                                    ('rs' in include),
+                                    ('sr' in include),
+                                    ('ss' in include))
+    manager = SoftLayer.IPSECManager(env.client)
+    context = manager.get_tunnel_context(context_id, mask=mask)
+
+    env.out('Context Details:')
+    env.fout(_get_context_table(context))
+
+    for relation in include:
+        if relation == 'at':
+            env.out('Address Translations:')
+            env.fout(_get_address_translations_table(
+                context.get('addressTranslations', [])))
+        elif relation == 'is':
+            env.out('Internal Subnets:')
+            env.fout(_get_subnets_table(context.get('internalSubnets', [])))
+        elif relation == 'rs':
+            env.out('Remote Subnets:')
+            env.fout(_get_subnets_table(context.get('customerSubnets', [])))
+        elif relation == 'sr':
+            env.out('Static Subnets:')
+            env.fout(_get_subnets_table(context.get('staticRouteSubnets', [])))
+        elif relation == 'ss':
+            env.out('Service Subnets:')
+            env.fout(_get_subnets_table(context.get('serviceSubnets', [])))
+
+
+def _get_address_translations_table(address_translations):
+    """Yields a formatted table to print address translations.
+
+    :param List[dict] address_translations: List of address translations.
+    :return Table: Formatted for address translation output.
+    """
+    table = formatting.Table(['id',
+                              'static IP address',
+                              'static IP address id',
+                              'remote IP address',
+                              'remote IP address id',
+                              'note'])
+    for address_translation in address_translations:
+        table.add_row([address_translation.get('id', ''),
+                       address_translation.get('internalIpAddressRecord', {})
+                       .get('ipAddress', ''),
+                       address_translation.get('internalIpAddressId', ''),
+                       address_translation.get('customerIpAddressRecord', {})
+                       .get('ipAddress', ''),
+                       address_translation.get('customerIpAddressId', ''),
+                       address_translation.get('notes', '')])
+    return table
+
+
+def _get_subnets_table(subnets):
+    """Yields a formatted table to print subnet details.
+
+    :param List[dict] subnets: List of subnets.
+    :return Table: Formatted for subnet output.
+    """
+    table = formatting.Table(['id',
+                              'network identifier',
+                              'cidr',
+                              'note'])
+    for subnet in subnets:
+        table.add_row([subnet.get('id', ''),
+                       subnet.get('networkIdentifier', ''),
+                       subnet.get('cidr', ''),
+                       subnet.get('note', '')])
+    return table
+
+
+def _get_tunnel_context_mask(address_translations=False,
+                             internal_subnets=False,
+                             remote_subnets=False,
+                             static_subnets=False,
+                             service_subnets=False):
+    """Yields a mask object for a tunnel context.
+
+    All exposed properties on the tunnel context service are included in
+    the constructed mask. Additional joins may be requested.
+
+    :param bool address_translations: Whether to join the context's address
+           translation entries.
+    :param bool internal_subnets: Whether to join the context's internal
+           subnet associations.
+    :param bool remote_subnets: Whether to join the context's remote subnet
+           associations.
+    :param bool static_subnets: Whether to join the context's statically
+           routed subnet associations.
+    :param bool service_subnets: Whether to join the SoftLayer service
+           network subnets.
+    :return string: Encoding for the requested mask object.
+    """
+    entries = ['id',
+               'accountId',
+               'advancedConfigurationFlag',
+               'createDate',
+               'customerPeerIpAddress',
+               'modifyDate',
+               'name',
+               'friendlyName',
+               'internalPeerIpAddress',
+               'phaseOneAuthentication',
+               'phaseOneDiffieHellmanGroup',
+               'phaseOneEncryption',
+               'phaseOneKeylife',
+               'phaseTwoAuthentication',
+               'phaseTwoDiffieHellmanGroup',
+               'phaseTwoEncryption',
+               'phaseTwoKeylife',
+               'phaseTwoPerfectForwardSecrecy',
+               'presharedKey']
+    if address_translations:
+        entries.append('addressTranslations[internalIpAddressRecord[ipAddress],'
+                       'customerIpAddressRecord[ipAddress]]')
+    if internal_subnets:
+        entries.append('internalSubnets')
+    if remote_subnets:
+        entries.append('customerSubnets')
+    if static_subnets:
+        entries.append('staticRouteSubnets')
+    if service_subnets:
+        entries.append('serviceSubnets')
+    return '[mask[{}]]'.format(','.join(entries))
+
+
+def _get_context_table(context):
+    """Yields a formatted table to print context details.
+
+    :param dict context: The tunnel context
+    :return Table: Formatted for tunnel context output
+    """
+    table = formatting.KeyValueTable(['name', 'value'])
+    table.align['name'] = 'r'
+    table.align['value'] = 'l'
+
+    table.add_row(['id', context.get('id', '')])
+    table.add_row(['name', context.get('name', '')])
+    table.add_row(['friendly name', context.get('friendlyName', '')])
+    table.add_row(['internal peer IP address',
+                   context.get('internalPeerIpAddress', '')])
+    table.add_row(['remote peer IP address',
+                   context.get('customerPeerIpAddress', '')])
+    table.add_row(['advanced configuration flag',
+                   context.get('advancedConfigurationFlag', '')])
+    table.add_row(['preshared key', context.get('presharedKey', '')])
+    table.add_row(['phase 1 authentication',
+                   context.get('phaseOneAuthentication', '')])
+    table.add_row(['phase 1 diffie hellman group',
+                   context.get('phaseOneDiffieHellmanGroup', '')])
+    table.add_row(['phase 1 encryption', context.get('phaseOneEncryption', '')])
+    table.add_row(['phase 1 key life', context.get('phaseOneKeylife', '')])
+    table.add_row(['phase 2 authentication',
+                   context.get('phaseTwoAuthentication', '')])
+    table.add_row(['phase 2 diffie hellman group',
+                   context.get('phaseTwoDiffieHellmanGroup', '')])
+    table.add_row(['phase 2 encryption', context.get('phaseTwoEncryption', '')])
+    table.add_row(['phase 2 key life', context.get('phaseTwoKeylife', '')])
+    table.add_row(['phase 2 perfect forward secrecy',
+                   context.get('phaseTwoPerfectForwardSecrecy', '')])
+    table.add_row(['created', context.get('createDate')])
+    table.add_row(['modified', context.get('modifyDate')])
+    return table
@@ -0,0 +1,31 @@
+"""List IPSec VPN Tunnel Contexts."""
+# :license: MIT, see LICENSE for more details.
+
+import click
+
+import SoftLayer
+from SoftLayer.CLI import environment
+from SoftLayer.CLI import formatting
+
+
+@click.command()
+@environment.pass_env
+def cli(env):
+    """List IPSec VPN tunnel contexts"""
+    manager = SoftLayer.IPSECManager(env.client)
+    contexts = manager.get_tunnel_contexts()
+
+    table = formatting.Table(['id',
+                              'name',
+                              'friendly name',
+                              'internal peer IP address',
+                              'remote peer IP address',
+                              'created'])
+    for context in contexts:
+        table.add_row([context.get('id', ''),
+                       context.get('name', ''),
+                       context.get('friendlyName', ''),
+                       context.get('internalPeerIpAddress', ''),
+                       context.get('customerPeerIpAddress', ''),
+                       context.get('createDate', '')])
+    env.fout(table)
@@ -0,0 +1 @@
+"""IPSEC VPN Subnets"""