icontrol 0.3.1 → 0.3.2
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/icontrol/arx.rb +38 -8
- data/lib/icontrol/arx/api.rb +1 -0
- data/lib/icontrol/arx/chassis.rb +11 -0
- data/lib/icontrol/arx/export.rb +4 -1
- data/lib/icontrol/arx/file_change_notification.rb +25 -4
- data/lib/icontrol/arx/file_server.rb +2 -0
- data/lib/icontrol/arx/namespace.rb +2 -0
- data/lib/icontrol/arx/network.rb +3 -0
- data/lib/icontrol/arx/policy.rb +3 -0
- data/lib/icontrol/arx/share.rb +2 -0
- data/lib/icontrol/arx/virtual_service.rb +3 -0
- data/lib/icontrol/arx/volume.rb +2 -0
- data/lib/icontrol/asm.rb +18 -3
- data/lib/icontrol/asm/object_params.rb +12 -6
- data/lib/icontrol/asm/policy.rb +118 -79
- data/lib/icontrol/asm/system_configuration.rb +27 -19
- data/lib/icontrol/asm/web_application.rb +74 -52
- data/lib/icontrol/asm/web_application_group.rb +33 -24
- data/lib/icontrol/base.rb +1 -0
- data/lib/icontrol/base/exception.rb +1 -0
- data/lib/icontrol/base/icontrol/local_lb/pool.rb +7 -0
- data/lib/icontrol/base/icontrol_overlay.rb +6 -0
- data/lib/icontrol/base/predeclarations.rb +5 -4
- data/lib/icontrol/base/struct.rb +6 -2
- data/lib/icontrol/common.rb +55 -4
- data/lib/icontrol/global_lb.rb +22 -3
- data/lib/icontrol/global_lb/application.rb +63 -44
- data/lib/icontrol/global_lb/data_center.rb +82 -58
- data/lib/icontrol/global_lb/dnssec_key.rb +152 -90
- data/lib/icontrol/global_lb/dnssec_zone.rb +55 -35
- data/lib/icontrol/global_lb/globals.rb +662 -430
- data/lib/icontrol/global_lb/link.rb +181 -131
- data/lib/icontrol/global_lb/monitor.rb +174 -104
- data/lib/icontrol/global_lb/pool.rb +290 -203
- data/lib/icontrol/global_lb/pool_member.rb +118 -71
- data/lib/icontrol/global_lb/region.rb +37 -25
- data/lib/icontrol/global_lb/rule.rb +53 -37
- data/lib/icontrol/global_lb/server.rb +176 -124
- data/lib/icontrol/global_lb/topology.rb +41 -27
- data/lib/icontrol/global_lb/virtual_server.rb +118 -84
- data/lib/icontrol/global_lb/wide_ip.rb +168 -117
- data/lib/icontrol/local_lb.rb +81 -10
- data/lib/icontrol/local_lb/klass.rb +233 -153
- data/lib/icontrol/local_lb/monitor.rb +158 -96
- data/lib/icontrol/local_lb/nat.rb +74 -52
- data/lib/icontrol/local_lb/node_address.rb +123 -86
- data/lib/icontrol/local_lb/pool.rb +229 -164
- data/lib/icontrol/local_lb/pool_member.rb +134 -76
- data/lib/icontrol/local_lb/profile_auth.rb +103 -75
- data/lib/icontrol/local_lb/profile_client_ssl.rb +284 -201
- data/lib/icontrol/local_lb/profile_diameter.rb +113 -71
- data/lib/icontrol/local_lb/profile_dns.rb +65 -46
- data/lib/icontrol/local_lb/profile_fast_http.rb +265 -178
- data/lib/icontrol/local_lb/profile_fast_l4.rb +283 -194
- data/lib/icontrol/local_lb/profile_ftp.rb +81 -58
- data/lib/icontrol/local_lb/profile_http.rb +701 -433
- data/lib/icontrol/local_lb/profile_http_class.rb +169 -121
- data/lib/icontrol/local_lb/profile_iiop.rb +87 -63
- data/lib/icontrol/local_lb/profile_one_connect.rb +99 -71
- data/lib/icontrol/local_lb/profile_persistence.rb +326 -203
- data/lib/icontrol/local_lb/profile_radius.rb +94 -62
- data/lib/icontrol/local_lb/profile_rtsp.rb +207 -129
- data/lib/icontrol/local_lb/profile_sctp.rb +231 -167
- data/lib/icontrol/local_lb/profile_server_ssl.rb +268 -189
- data/lib/icontrol/local_lb/profile_sip.rb +145 -99
- data/lib/icontrol/local_lb/profile_stream.rb +71 -51
- data/lib/icontrol/local_lb/profile_tcp.rb +455 -296
- data/lib/icontrol/local_lb/profile_udp.rb +109 -78
- data/lib/icontrol/local_lb/profile_user_statistic.rb +77 -46
- data/lib/icontrol/local_lb/profile_xml.rb +116 -79
- data/lib/icontrol/local_lb/ram_cache_information.rb +43 -20
- data/lib/icontrol/local_lb/rate_class.rb +523 -318
- data/lib/icontrol/local_lb/rule.rb +53 -37
- data/lib/icontrol/local_lb/snat.rb +96 -65
- data/lib/icontrol/local_lb/snat_pool.rb +54 -39
- data/lib/icontrol/local_lb/snat_pool_member.rb +22 -15
- data/lib/icontrol/local_lb/snat_translation_address.rb +94 -69
- data/lib/icontrol/local_lb/virtual_address.rb +99 -70
- data/lib/icontrol/local_lb/virtual_server.rb +358 -243
- data/lib/icontrol/lt_config.rb +8 -1
- data/lib/icontrol/lt_config/field.rb +87 -53
- data/lib/icontrol/lt_config/klass.rb +59 -43
- data/lib/icontrol/management.rb +80 -38
- data/lib/icontrol/management/ccldap_configuration.rb +218 -144
- data/lib/icontrol/management/change_control.rb +67 -41
- data/lib/icontrol/management/crldp_configuration.rb +73 -52
- data/lib/icontrol/management/crldp_server.rb +55 -39
- data/lib/icontrol/management/db_variable.rb +32 -21
- data/lib/icontrol/management/event_notification.rb +19 -8
- data/lib/icontrol/management/event_subscription.rb +121 -74
- data/lib/icontrol/management/key_certificate.rb +235 -138
- data/lib/icontrol/management/ldap_configuration.rb +249 -179
- data/lib/icontrol/management/license_administration.rb +97 -56
- data/lib/icontrol/management/named.rb +103 -67
- data/lib/icontrol/management/ocsp_configuration.rb +33 -24
- data/lib/icontrol/management/ocsp_responder.rb +294 -165
- data/lib/icontrol/management/partition.rb +42 -23
- data/lib/icontrol/management/provision.rb +73 -39
- data/lib/icontrol/management/radius_configuration.rb +85 -57
- data/lib/icontrol/management/radius_server.rb +51 -37
- data/lib/icontrol/management/resource_record.rb +163 -121
- data/lib/icontrol/management/snmp_configuration.rb +675 -390
- data/lib/icontrol/management/tacacs_configuration.rb +99 -67
- data/lib/icontrol/management/tmos_module.rb +20 -8
- data/lib/icontrol/management/user_management.rb +198 -124
- data/lib/icontrol/management/view.rb +33 -24
- data/lib/icontrol/management/zone.rb +49 -34
- data/lib/icontrol/management/zone_runner.rb +11 -7
- data/lib/icontrol/networking.rb +31 -4
- data/lib/icontrol/networking/admin_ip.rb +92 -71
- data/lib/icontrol/networking/arp.rb +41 -28
- data/lib/icontrol/networking/i_session_advertised_route.rb +47 -32
- data/lib/icontrol/networking/i_session_local_interface.rb +72 -52
- data/lib/icontrol/networking/i_session_peer_discovery.rb +105 -68
- data/lib/icontrol/networking/i_session_remote_interface.rb +105 -76
- data/lib/icontrol/networking/interfaces.rb +241 -142
- data/lib/icontrol/networking/packet_filter.rb +111 -69
- data/lib/icontrol/networking/packet_filter_globals.rb +39 -28
- data/lib/icontrol/networking/port_mirror.rb +39 -27
- data/lib/icontrol/networking/profile_gre.rb +63 -41
- data/lib/icontrol/networking/profile_ipip.rb +38 -25
- data/lib/icontrol/networking/profile_wccpgre.rb +85 -55
- data/lib/icontrol/networking/route_domain.rb +70 -44
- data/lib/icontrol/networking/route_table.rb +128 -91
- data/lib/icontrol/networking/self_ip.rb +57 -39
- data/lib/icontrol/networking/self_ip_port_lockdown.rb +34 -22
- data/lib/icontrol/networking/stp_globals.rb +115 -63
- data/lib/icontrol/networking/stp_instance.rb +166 -68
- data/lib/icontrol/networking/trunk.rb +165 -101
- data/lib/icontrol/networking/tunnel.rb +77 -52
- data/lib/icontrol/networking/vlan.rb +140 -98
- data/lib/icontrol/networking/vlan_group.rb +145 -101
- data/lib/icontrol/system.rb +70 -33
- data/lib/icontrol/system/cluster.rb +103 -81
- data/lib/icontrol/system/config_sync.rb +128 -72
- data/lib/icontrol/system/connections.rb +27 -17
- data/lib/icontrol/system/disk.rb +134 -67
- data/lib/icontrol/system/failover.rb +44 -27
- data/lib/icontrol/system/geo_ip.rb +16 -5
- data/lib/icontrol/system/inet.rb +47 -30
- data/lib/icontrol/system/internal.rb +13 -9
- data/lib/icontrol/system/services.rb +75 -42
- data/lib/icontrol/system/software_management.rb +132 -83
- data/lib/icontrol/system/statistics.rb +443 -298
- data/lib/icontrol/system/system_info.rb +137 -95
- data/lib/icontrol/web_accelerator/applications.rb +17 -10
- data/lib/icontrol/web_accelerator/policies.rb +13 -9
- data/lib/icontrol/web_accelerator/proxy_message.rb +11 -7
- data/spec/icontrol/local_lb/pool_member_spec.rb +495 -0
- data/spec/icontrol/local_lb/profile_http_class_spec.rb +514 -0
- metadata +10 -4
@@ -1,18 +1,36 @@
|
|
1
1
|
module IControl::GlobalLB
|
2
2
|
##
|
3
|
-
# The DNSSECKey interface manages the cryptographic keys used for securing DNS information,
|
3
|
+
# The DNSSECKey interface manages the cryptographic keys used for securing DNS information,
|
4
|
+
# i.e., DNSSEC. The keys managed by this interface can be used to sign DNS record groups
|
5
|
+
# and the keys themselves. Technically, there is not a single key for each key object.
|
6
|
+
# This key is re-created on a regular schedule, which can be controlled via this interface.
|
7
|
+
# Each re-generated key is considered a new "generation" - a term used more
|
8
|
+
# in its genealogical sense than a creation sense. A single key generation can have
|
9
|
+
# its lifetime changed. Thus when using this interface, be careful to distinguish the
|
10
|
+
# attributes which apply to this whole process vs those that apply to a single key
|
11
|
+
# generation. Once a key generation is created, it is fully active for the "rollover
|
12
|
+
# period". At the end of that period, the next generation's key is created and both
|
13
|
+
# keys are in use. Once the first key reaches the end of its "expiration period",
|
14
|
+
# it is no longer handed out, the generation is deleted, and only the second key is
|
15
|
+
# in use. This process continues ad infinitum. It is important to note that these keys
|
16
|
+
# do not affect the processing by their mere existence. To take effect, they must be
|
17
|
+
# assigned to a DNSSEC zone (See the DNSSECZone interface).
|
4
18
|
class DNSSECKey < IControl::Base
|
5
19
|
|
6
20
|
set_id_name "keys"
|
7
21
|
|
22
|
+
class KeyAlgorithmSequence < IControl::Base::Sequence ; end
|
23
|
+
class KeyTypeSequence < IControl::Base::Sequence ; end
|
8
24
|
# Digital signature algorithm used to sign DNS record groups and keys
|
9
25
|
class KeyAlgorithm < IControl::Base::Enumeration; end
|
10
26
|
# DNSSEC key type
|
11
27
|
class KeyType < IControl::Base::Enumeration; end ##
|
12
|
-
# Creates a set of DNSSEC key. Note that the attributes specified in this method cannot
|
13
|
-
#
|
14
|
-
# @
|
15
|
-
# @raise [IControl::Common::
|
28
|
+
# Creates a set of DNSSEC key. Note that the attributes specified in this method cannot
|
29
|
+
# be changed afterwards.
|
30
|
+
# @rspec_example
|
31
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
32
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
33
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
16
34
|
# @param [Hash] opts
|
17
35
|
# @option opts [long] :sizes Digital signature sizes (bits) for each specified key
|
18
36
|
# @option opts [IControl::GlobalLB::DNSSECKey::KeyType] :types DNSSEC key type (See KeyType ) for each specified key
|
@@ -25,78 +43,90 @@ module IControl::GlobalLB
|
|
25
43
|
|
26
44
|
##
|
27
45
|
# Deletes all DNSSEC key.
|
28
|
-
# @
|
29
|
-
# @raise [IControl::Common::
|
30
|
-
# @raise [IControl::Common::
|
46
|
+
# @rspec_example
|
47
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
48
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
49
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
31
50
|
def delete_all_keys
|
32
51
|
super
|
33
52
|
end
|
34
53
|
|
35
54
|
##
|
36
55
|
# Deletes a set of DNSSEC key.
|
37
|
-
# @
|
38
|
-
# @raise [IControl::Common::
|
39
|
-
# @raise [IControl::Common::
|
56
|
+
# @rspec_example
|
57
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
58
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
59
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
40
60
|
def delete_key
|
41
61
|
super
|
42
62
|
end
|
43
63
|
|
44
64
|
##
|
45
|
-
# Gets the algorithms used to digitally sign DNS record groups and key for a set of
|
65
|
+
# Gets the algorithms used to digitally sign DNS record groups and key for a set of
|
66
|
+
# DNSSEC key.
|
67
|
+
# @rspec_example
|
46
68
|
# @return [KeyAlgorithm]
|
47
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
48
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
49
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
69
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
70
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
71
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
50
72
|
def algorithm
|
51
73
|
super
|
52
74
|
end
|
53
75
|
|
54
76
|
##
|
55
77
|
# Gets the enabled state for a set of DNSSEC key.
|
78
|
+
# @rspec_example
|
56
79
|
# @return [EnabledState]
|
57
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
58
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
59
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
80
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
81
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
82
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
60
83
|
def enabled_state
|
61
84
|
super
|
62
85
|
end
|
63
86
|
|
64
87
|
##
|
65
88
|
# Gets the expiration period for a set of DNSSEC key.
|
89
|
+
# @rspec_example
|
66
90
|
# @return [long]
|
67
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
68
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
69
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
91
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
92
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
93
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
70
94
|
def expiration_period
|
71
95
|
super
|
72
96
|
end
|
73
97
|
|
74
98
|
##
|
75
|
-
# Gets the enabled state for using the FIPS device to store and retrieve key for a
|
99
|
+
# Gets the enabled state for using the FIPS device to store and retrieve key for a
|
100
|
+
# set of DNSSEC key.
|
101
|
+
# @rspec_example
|
76
102
|
# @return [EnabledState]
|
77
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
78
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
79
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
103
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
104
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
105
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
80
106
|
def fips_state
|
81
107
|
super
|
82
108
|
end
|
83
109
|
|
84
110
|
##
|
85
|
-
# Gets the existing DNSSEC key generation identifiers for a set of DNSSEC key. The
|
111
|
+
# Gets the existing DNSSEC key generation identifiers for a set of DNSSEC key. The
|
112
|
+
# key generation identifier is a simple generation count, unique within a single DNSSEC
|
113
|
+
# key.
|
114
|
+
# @rspec_example
|
86
115
|
# @return [ULong64[]]
|
87
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
88
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
89
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
116
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
117
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
118
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
90
119
|
def generation
|
91
120
|
super
|
92
121
|
end
|
93
122
|
|
94
123
|
##
|
95
124
|
# Gets the expiration date and time for a set of DNSSEC key generations.
|
125
|
+
# @rspec_example
|
96
126
|
# @return [TimeStamp[]]
|
97
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
98
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
99
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
127
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
128
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
129
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
100
130
|
# @param [Hash] opts
|
101
131
|
# @option opts [IControl::Common::ULong64[]] :generations Identifiers for the key generations to query for each specified DNSSEC key
|
102
132
|
def generation_expiration_time(opts)
|
@@ -106,10 +136,11 @@ module IControl::GlobalLB
|
|
106
136
|
|
107
137
|
##
|
108
138
|
# Gets the public text for a set of DNSSEC key generations.
|
139
|
+
# @rspec_example
|
109
140
|
# @return [String[]]
|
110
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
111
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
112
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
141
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
142
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
143
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
113
144
|
# @param [Hash] opts
|
114
145
|
# @option opts [IControl::Common::ULong64[]] :generations Identifiers for the key generations to query for each specified DNSSEC key
|
115
146
|
def generation_public_text(opts)
|
@@ -119,10 +150,11 @@ module IControl::GlobalLB
|
|
119
150
|
|
120
151
|
##
|
121
152
|
# Gets the rollover date and time for a set of DNSSEC key generations.
|
153
|
+
# @rspec_example
|
122
154
|
# @return [TimeStamp[]]
|
123
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
124
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
125
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
155
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
156
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
157
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
126
158
|
# @param [Hash] opts
|
127
159
|
# @option opts [IControl::Common::ULong64[]] :generations Identifiers for the key generations to query for each specified DNSSEC key
|
128
160
|
def generation_rollover_time(opts)
|
@@ -132,86 +164,96 @@ module IControl::GlobalLB
|
|
132
164
|
|
133
165
|
##
|
134
166
|
# Gets the names of all DNSSEC key.
|
167
|
+
# @rspec_example
|
135
168
|
# @return [String]
|
136
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
137
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
138
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
169
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
170
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
171
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
139
172
|
def list
|
140
173
|
super
|
141
174
|
end
|
142
175
|
|
143
176
|
##
|
144
177
|
# Gets the rollover period for a set of DNSSEC key.
|
178
|
+
# @rspec_example
|
145
179
|
# @return [long]
|
146
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
147
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
148
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
180
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
181
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
182
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
149
183
|
def rollover_period
|
150
184
|
super
|
151
185
|
end
|
152
186
|
|
153
187
|
##
|
154
188
|
# Gets the RRSIG record signature publication period for a set of DNSSEC key.
|
189
|
+
# @rspec_example
|
155
190
|
# @return [long]
|
156
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
157
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
158
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
191
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
192
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
193
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
159
194
|
def signature_publication_period
|
160
195
|
super
|
161
196
|
end
|
162
197
|
|
163
198
|
##
|
164
199
|
# Gets the RRSIG record signature validity period for a set of DNSSEC key.
|
200
|
+
# @rspec_example
|
165
201
|
# @return [long]
|
166
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
167
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
168
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
202
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
203
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
204
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
169
205
|
def signature_validity_period
|
170
206
|
super
|
171
207
|
end
|
172
208
|
|
173
209
|
##
|
174
210
|
# Gets the digital signature sizes for a set of DNSSEC key.
|
211
|
+
# @rspec_example
|
175
212
|
# @return [long]
|
176
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
177
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
178
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
213
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
214
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
215
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
179
216
|
def size
|
180
217
|
super
|
181
218
|
end
|
182
219
|
|
183
220
|
##
|
184
221
|
# Gets the Time To Live (TTL) for the DNSKEY record types.
|
222
|
+
# @rspec_example
|
185
223
|
# @return [long]
|
186
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
187
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
188
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
224
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
225
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
226
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
189
227
|
def time_to_live
|
190
228
|
super
|
191
229
|
end
|
192
230
|
|
193
231
|
##
|
194
232
|
# Gets the types for a set of DNSSEC key.
|
233
|
+
# @rspec_example
|
195
234
|
# @return [KeyType]
|
196
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
197
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
198
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
235
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
236
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
237
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
199
238
|
def type
|
200
239
|
super
|
201
240
|
end
|
202
241
|
|
203
242
|
##
|
204
243
|
# Get the version information for this interface.
|
244
|
+
# @rspec_example
|
205
245
|
# @return [String]
|
206
246
|
def version
|
207
247
|
super
|
208
248
|
end
|
209
249
|
|
210
250
|
##
|
211
|
-
# Sets the enabled state for a set of DNSSEC key. If a DNSSEC key is disabled, the
|
212
|
-
#
|
213
|
-
# @
|
214
|
-
# @raise [IControl::Common::
|
251
|
+
# Sets the enabled state for a set of DNSSEC key. If a DNSSEC key is disabled, the
|
252
|
+
# key is still published, but it is not used to sign DNS record groups or key.
|
253
|
+
# @rspec_example
|
254
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
255
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
256
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
215
257
|
# @param [Hash] opts
|
216
258
|
# @option opts [IControl::Common::EnabledState] :states Enabled state for each specified DNSSEC key (default: enabled)
|
217
259
|
def set_enabled_state(opts)
|
@@ -220,10 +262,13 @@ module IControl::GlobalLB
|
|
220
262
|
end
|
221
263
|
|
222
264
|
##
|
223
|
-
# Sets the expiration period for a set of DNSSEC key. The expiration period is the
|
224
|
-
#
|
225
|
-
#
|
226
|
-
# @
|
265
|
+
# Sets the expiration period for a set of DNSSEC key. The expiration period is the
|
266
|
+
# time between the activation of a DNSSEC key generation and its expiration. It must
|
267
|
+
# be longer than the rollover period.
|
268
|
+
# @rspec_example
|
269
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
270
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
271
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
227
272
|
# @param [Hash] opts
|
228
273
|
# @option opts [long] :times Expiration period (seconds) for each specified DNSSEC key (default: zero - never expires)
|
229
274
|
def set_expiration_period(opts)
|
@@ -232,10 +277,13 @@ module IControl::GlobalLB
|
|
232
277
|
end
|
233
278
|
|
234
279
|
##
|
235
|
-
# Sets the expiration date and time for a set of DNSSEC key generations. This method
|
236
|
-
#
|
237
|
-
#
|
238
|
-
# @
|
280
|
+
# Sets the expiration date and time for a set of DNSSEC key generations. This method
|
281
|
+
# can be used for any reason, but most likely used to invalidate a possibly compromised
|
282
|
+
# key.
|
283
|
+
# @rspec_example
|
284
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
285
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
286
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
239
287
|
# @param [Hash] opts
|
240
288
|
# @option opts [IControl::Common::ULong64[]] :generations Identifiers for the key generations to modify for each specified DNSSEC key
|
241
289
|
# @option opts [IControl::Common::TimeStamp[]] :times Expiration date and time for each specified DNSSEC key generation (default: as specified in the key)
|
@@ -245,10 +293,13 @@ module IControl::GlobalLB
|
|
245
293
|
end
|
246
294
|
|
247
295
|
##
|
248
|
-
# Sets the rollover date and time for a set of DNSSEC key generations. This method
|
249
|
-
#
|
250
|
-
#
|
251
|
-
# @
|
296
|
+
# Sets the rollover date and time for a set of DNSSEC key generations. This method
|
297
|
+
# can be used for any reason, but most likely used to invalidate a possibly compromised
|
298
|
+
# key by forcing the creation of a new key generation.
|
299
|
+
# @rspec_example
|
300
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
301
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
302
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
252
303
|
# @param [Hash] opts
|
253
304
|
# @option opts [IControl::Common::ULong64[]] :generations Identifiers for the key generations to modify for each specified DNSSEC key
|
254
305
|
# @option opts [IControl::Common::TimeStamp[]] :times Rollover date and time for each specified DNSSEC key generation (default: as specified in the key)
|
@@ -258,10 +309,13 @@ module IControl::GlobalLB
|
|
258
309
|
end
|
259
310
|
|
260
311
|
##
|
261
|
-
# Sets the rollover period for a set of DNSSEC key. The rollover period is the time
|
262
|
-
#
|
263
|
-
#
|
264
|
-
# @
|
312
|
+
# Sets the rollover period for a set of DNSSEC key. The rollover period is the time
|
313
|
+
# between the activation of one DNSSEC key generation and the activation of the next
|
314
|
+
# DNSSEC key generation.
|
315
|
+
# @rspec_example
|
316
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
317
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
318
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
265
319
|
# @param [Hash] opts
|
266
320
|
# @option opts [long] :times Rollover period (seconds) for each specified DNSSEC key (default: zero - one-shot key (never rolls over))
|
267
321
|
def set_rollover_period(opts)
|
@@ -270,10 +324,14 @@ module IControl::GlobalLB
|
|
270
324
|
end
|
271
325
|
|
272
326
|
##
|
273
|
-
# Sets the RRSIG record signature publication period for a set of DNSSEC key. The signature
|
274
|
-
#
|
275
|
-
#
|
276
|
-
#
|
327
|
+
# Sets the RRSIG record signature publication period for a set of DNSSEC key. The signature
|
328
|
+
# publication period is the period in which the digital signature is published, is
|
329
|
+
# stored in the RRSIG record, and should be significantly shorter than the Time To
|
330
|
+
# Live period and must be shorter than the signature validity period.
|
331
|
+
# @rspec_example
|
332
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
333
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
334
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
277
335
|
# @param [Hash] opts
|
278
336
|
# @option opts [long] :times Signature publication period (seconds) for each specified DNSSEC key (default: zero - standard BIND value)
|
279
337
|
def set_signature_publication_period(opts)
|
@@ -282,10 +340,13 @@ module IControl::GlobalLB
|
|
282
340
|
end
|
283
341
|
|
284
342
|
##
|
285
|
-
# Sets the RRSIG record signature validity period for a set of DNSSEC key. This value
|
286
|
-
#
|
287
|
-
#
|
288
|
-
# @
|
343
|
+
# Sets the RRSIG record signature validity period for a set of DNSSEC key. This value
|
344
|
+
# is the period for which the digital signature is valid and is stored in the RRSIG
|
345
|
+
# record and should be significantly smaller than the Time To Live period.
|
346
|
+
# @rspec_example
|
347
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
348
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
349
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
289
350
|
# @param [Hash] opts
|
290
351
|
# @option opts [long] :times Signature validity period (seconds) for each specified DNSSEC key (default: zero - standard BIND value)
|
291
352
|
def set_signature_validity_period(opts)
|
@@ -295,9 +356,10 @@ module IControl::GlobalLB
|
|
295
356
|
|
296
357
|
##
|
297
358
|
# Sets the Time To Live (TTL) for the DNSKEY record types.
|
298
|
-
# @
|
299
|
-
# @raise [IControl::Common::
|
300
|
-
# @raise [IControl::Common::
|
359
|
+
# @rspec_example
|
360
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
361
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
362
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
301
363
|
# @param [Hash] opts
|
302
364
|
# @option opts [long] :times DNSKEY record Time To Live (TTL) (seconds) for each specified DNSSEC key (default: 86400 (1 day))
|
303
365
|
def set_time_to_live(opts)
|
@@ -1,15 +1,23 @@
|
|
1
1
|
module IControl::GlobalLB
|
2
2
|
##
|
3
|
-
# The DNSSECZone interface manages the zones in which securing DNS information, i.e.,
|
3
|
+
# The DNSSECZone interface manages the zones in which securing DNS information, i.e.,
|
4
|
+
# DNSSEC, is active. When a zone is active, its DNS record groups are digitally signed,
|
5
|
+
# the DNS record names are hashed, and keys sent to upstream DNS servers are digitally
|
6
|
+
# signed. A DNSSEC zone can contain any number of DNSSEC keys, and a single DNSSEC
|
7
|
+
# key can be used in more than one DNSSEC zone. Note that a large number of DNSSEC
|
8
|
+
# keys in a single DNSSEC zone can affect the responsiveness to DNS requests. Note
|
9
|
+
# that the term &quot;zone" in this interface is not necessarily &quot;zone"
|
10
|
+
# in a DNS sense. See the DNSSECKey interface for managing the keys themselves.
|
4
11
|
class DNSSECZone < IControl::Base
|
5
12
|
|
6
13
|
set_id_name "zones"
|
7
14
|
|
8
15
|
##
|
9
16
|
# Adds DNSSEC keys to a set of DNSSEC zone.
|
10
|
-
# @
|
11
|
-
# @raise [IControl::Common::
|
12
|
-
# @raise [IControl::Common::
|
17
|
+
# @rspec_example
|
18
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
19
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
20
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
13
21
|
# @param [Hash] opts
|
14
22
|
# @option opts [String[]] :keys Names of DNSSEC keys to add to each specified DNSSEC zone
|
15
23
|
def add_key(opts)
|
@@ -19,9 +27,10 @@ module IControl::GlobalLB
|
|
19
27
|
|
20
28
|
##
|
21
29
|
# Creates a set of DNSSEC zone.
|
22
|
-
# @
|
23
|
-
# @raise [IControl::Common::
|
24
|
-
# @raise [IControl::Common::
|
30
|
+
# @rspec_example
|
31
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
32
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
33
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
25
34
|
# @param [Hash] opts
|
26
35
|
# @option opts [String[]] :keys DNSSEC key names for each specified DNSSEC zone
|
27
36
|
def create(opts)
|
@@ -31,64 +40,71 @@ module IControl::GlobalLB
|
|
31
40
|
|
32
41
|
##
|
33
42
|
# Deletes all DNSSEC zone.
|
34
|
-
# @
|
35
|
-
# @raise [IControl::Common::
|
36
|
-
# @raise [IControl::Common::
|
43
|
+
# @rspec_example
|
44
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
45
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
46
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
37
47
|
def delete_all_zones
|
38
48
|
super
|
39
49
|
end
|
40
50
|
|
41
51
|
##
|
42
52
|
# Deletes a set of DNSSEC zone.
|
43
|
-
# @
|
44
|
-
# @raise [IControl::Common::
|
45
|
-
# @raise [IControl::Common::
|
53
|
+
# @rspec_example
|
54
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
55
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
56
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
46
57
|
def delete_zone
|
47
58
|
super
|
48
59
|
end
|
49
60
|
|
50
61
|
##
|
51
62
|
# Gets the enabled state for a set of DNSSEC zone.
|
63
|
+
# @rspec_example
|
52
64
|
# @return [EnabledState]
|
53
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
54
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
55
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
65
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
66
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
67
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
56
68
|
def enabled_state
|
57
69
|
super
|
58
70
|
end
|
59
71
|
|
60
72
|
##
|
61
73
|
# Gets the DNSSEC keys for a set of DNSSEC zone.
|
74
|
+
# @rspec_example
|
62
75
|
# @return [String[]]
|
63
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
64
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
65
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
76
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
77
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
78
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
66
79
|
def key
|
67
80
|
super
|
68
81
|
end
|
69
82
|
|
70
83
|
##
|
71
84
|
# Gets the names of all DNSSEC zone.
|
85
|
+
# @rspec_example
|
72
86
|
# @return [String]
|
73
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
74
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
75
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
87
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
88
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
89
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
76
90
|
def list
|
77
91
|
super
|
78
92
|
end
|
79
93
|
|
80
94
|
##
|
81
95
|
# Gets the status of a set of DNSSEC zone.
|
96
|
+
# @rspec_example
|
82
97
|
# @return [ObjectStatus]
|
83
|
-
# @raise [IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
84
|
-
# @raise [IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
85
|
-
# @raise [IControl::Common::OperationFailed] raised if an operation error occurs.
|
98
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
99
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
100
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
86
101
|
def object_status
|
87
102
|
super
|
88
103
|
end
|
89
104
|
|
90
105
|
##
|
91
106
|
# Get the version information for this interface.
|
107
|
+
# @rspec_example
|
92
108
|
# @return [String]
|
93
109
|
def version
|
94
110
|
super
|
@@ -96,18 +112,20 @@ module IControl::GlobalLB
|
|
96
112
|
|
97
113
|
##
|
98
114
|
# Removes all DNSSEC keys from a set of DNSSEC zone.
|
99
|
-
# @
|
100
|
-
# @raise [IControl::Common::
|
101
|
-
# @raise [IControl::Common::
|
115
|
+
# @rspec_example
|
116
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
117
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
118
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
102
119
|
def remove_all_keys
|
103
120
|
super
|
104
121
|
end
|
105
122
|
|
106
123
|
##
|
107
124
|
# Removes DNSSEC keys from a set of DNSSEC zone.
|
108
|
-
# @
|
109
|
-
# @raise [IControl::Common::
|
110
|
-
# @raise [IControl::Common::
|
125
|
+
# @rspec_example
|
126
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
127
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
128
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
111
129
|
# @param [Hash] opts
|
112
130
|
# @option opts [String[]] :keys Names of DNSSEC keys to delete from each specified DNSSEC zone
|
113
131
|
def remove_key(opts)
|
@@ -116,10 +134,12 @@ module IControl::GlobalLB
|
|
116
134
|
end
|
117
135
|
|
118
136
|
##
|
119
|
-
# Sets the enabled state for a set of DNSSEC zone. Note that individual keys can also
|
120
|
-
#
|
121
|
-
# @
|
122
|
-
# @raise [IControl::Common::
|
137
|
+
# Sets the enabled state for a set of DNSSEC zone. Note that individual keys can also
|
138
|
+
# be enabled and disabled. See the DNSSECKey interface for details.
|
139
|
+
# @rspec_example
|
140
|
+
# @raise [IControl::IControl::Common::AccessDenied] raised if the client credentials are not valid.
|
141
|
+
# @raise [IControl::IControl::Common::InvalidArgument] raised if one of the arguments is invalid.
|
142
|
+
# @raise [IControl::IControl::Common::OperationFailed] raised if an operation error occurs.
|
123
143
|
# @param [Hash] opts
|
124
144
|
# @option opts [IControl::Common::EnabledState] :states Enabled/disabled state for each specified DNSSEC zone (default: enabled)
|
125
145
|
def set_enabled_state(opts)
|