"Fossies" - the Fresh Open Source Software Archive

Member "octavia-8.0.0/octavia/common/constants.py" (14 Apr 2021, 32209 Bytes) of package /linux/misc/openstack/octavia-8.0.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Python source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. For more information about "constants.py" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 7.1.1_vs_8.0.0.

    1 # Copyright 2014 Rackspace
    2 #
    3 #    Licensed under the Apache License, Version 2.0 (the "License"); you may
    4 #    not use this file except in compliance with the License. You may obtain
    5 #    a copy of the License at
    6 #
    7 #         http://www.apache.org/licenses/LICENSE-2.0
    8 #
    9 #    Unless required by applicable law or agreed to in writing, software
   10 #    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
   11 #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
   12 #    License for the specific language governing permissions and limitations
   13 #    under the License.
   14 
   15 from octavia_lib.common import constants as lib_consts
   16 
   17 ##############################################################################
   18 # Constants common to the provider drivers moved to
   19 #     octavia_lib.common.constants
   20 # These are deprecated, to be removed in the 'U' release
   21 ##############################################################################
   22 # 'loadbalancers'
   23 LOADBALANCERS = lib_consts.LOADBALANCERS
   24 # 'listeners'
   25 LISTENERS = lib_consts.LISTENERS
   26 # 'pools'
   27 POOLS = lib_consts.POOLS
   28 # HEALTHMONITORS = 'healthmonitors'
   29 HEALTHMONITORS = lib_consts.HEALTHMONITORS
   30 # 'members'
   31 MEMBERS = lib_consts.MEMBERS
   32 # 'l7policies'
   33 L7POLICIES = lib_consts.L7POLICIES
   34 # 'l7rules'
   35 L7RULES = lib_consts.L7RULES
   36 
   37 # 'PING'
   38 HEALTH_MONITOR_PING = lib_consts.HEALTH_MONITOR_PING
   39 # 'TCP'
   40 HEALTH_MONITOR_TCP = lib_consts.HEALTH_MONITOR_TCP
   41 # 'HTTP'
   42 HEALTH_MONITOR_HTTP = lib_consts.HEALTH_MONITOR_HTTP
   43 # 'HTTPS'
   44 HEALTH_MONITOR_HTTPS = lib_consts.HEALTH_MONITOR_HTTPS
   45 # 'TLS-HELLO'
   46 HEALTH_MONITOR_TLS_HELLO = lib_consts.HEALTH_MONITOR_TLS_HELLO
   47 # 'UDP-CONNECT'
   48 HEALTH_MONITOR_UDP_CONNECT = lib_consts.HEALTH_MONITOR_UDP_CONNECT
   49 SUPPORTED_HEALTH_MONITOR_TYPES = lib_consts.SUPPORTED_HEALTH_MONITOR_TYPES
   50 
   51 # 'GET'
   52 HEALTH_MONITOR_HTTP_METHOD_GET = lib_consts.HEALTH_MONITOR_HTTP_METHOD_GET
   53 # 'HEAD'
   54 HEALTH_MONITOR_HTTP_METHOD_HEAD = lib_consts.HEALTH_MONITOR_HTTP_METHOD_HEAD
   55 # 'POST'
   56 HEALTH_MONITOR_HTTP_METHOD_POST = lib_consts.HEALTH_MONITOR_HTTP_METHOD_POST
   57 # 'PUT'
   58 HEALTH_MONITOR_HTTP_METHOD_PUT = lib_consts.HEALTH_MONITOR_HTTP_METHOD_PUT
   59 # 'DELETE'
   60 HEALTH_MONITOR_HTTP_METHOD_DELETE = (
   61     lib_consts.HEALTH_MONITOR_HTTP_METHOD_DELETE)
   62 # 'TRACE'
   63 HEALTH_MONITOR_HTTP_METHOD_TRACE = lib_consts.HEALTH_MONITOR_HTTP_METHOD_TRACE
   64 # 'OPTIONS'
   65 HEALTH_MONITOR_HTTP_METHOD_OPTIONS = (
   66     lib_consts.HEALTH_MONITOR_HTTP_METHOD_OPTIONS)
   67 # 'CONNECT'
   68 HEALTH_MONITOR_HTTP_METHOD_CONNECT = (
   69     lib_consts.HEALTH_MONITOR_HTTP_METHOD_CONNECT)
   70 # 'PATCH'
   71 HEALTH_MONITOR_HTTP_METHOD_PATCH = lib_consts.HEALTH_MONITOR_HTTP_METHOD_PATCH
   72 SUPPORTED_HEALTH_MONITOR_HTTP_METHODS = (
   73     lib_consts.SUPPORTED_HEALTH_MONITOR_HTTP_METHODS)
   74 
   75 # 'REJECT'
   76 L7POLICY_ACTION_REJECT = lib_consts.L7POLICY_ACTION_REJECT
   77 # 'REDIRECT_TO_URL'
   78 L7POLICY_ACTION_REDIRECT_TO_URL = lib_consts.L7POLICY_ACTION_REDIRECT_TO_URL
   79 # 'REDIRECT_TO_POOL'
   80 L7POLICY_ACTION_REDIRECT_TO_POOL = lib_consts.L7POLICY_ACTION_REDIRECT_TO_POOL
   81 # 'REDIRECT_PREFIX'
   82 L7POLICY_ACTION_REDIRECT_PREFIX = lib_consts.L7POLICY_ACTION_REDIRECT_PREFIX
   83 SUPPORTED_L7POLICY_ACTIONS = lib_consts.SUPPORTED_L7POLICY_ACTIONS
   84 
   85 # 'REGEX'
   86 L7RULE_COMPARE_TYPE_REGEX = lib_consts.L7RULE_COMPARE_TYPE_REGEX
   87 # 'STARTS_WITH'
   88 L7RULE_COMPARE_TYPE_STARTS_WITH = lib_consts.L7RULE_COMPARE_TYPE_STARTS_WITH
   89 # 'ENDS_WITH'
   90 L7RULE_COMPARE_TYPE_ENDS_WITH = lib_consts.L7RULE_COMPARE_TYPE_ENDS_WITH
   91 # 'CONTAINS'
   92 L7RULE_COMPARE_TYPE_CONTAINS = lib_consts.L7RULE_COMPARE_TYPE_CONTAINS
   93 # 'EQUAL_TO'
   94 L7RULE_COMPARE_TYPE_EQUAL_TO = lib_consts.L7RULE_COMPARE_TYPE_EQUAL_TO
   95 SUPPORTED_L7RULE_COMPARE_TYPES = lib_consts.SUPPORTED_L7RULE_COMPARE_TYPES
   96 
   97 # 'HOST_NAME'
   98 L7RULE_TYPE_HOST_NAME = lib_consts.L7RULE_TYPE_HOST_NAME
   99 # 'PATH'
  100 L7RULE_TYPE_PATH = lib_consts.L7RULE_TYPE_PATH
  101 # 'FILE_TYPE'
  102 L7RULE_TYPE_FILE_TYPE = lib_consts.L7RULE_TYPE_FILE_TYPE
  103 # 'HEADER'
  104 L7RULE_TYPE_HEADER = lib_consts.L7RULE_TYPE_HEADER
  105 # 'COOKIE'
  106 L7RULE_TYPE_COOKIE = lib_consts.L7RULE_TYPE_COOKIE
  107 # 'SSL_CONN_HAS_CERT'
  108 L7RULE_TYPE_SSL_CONN_HAS_CERT = lib_consts.L7RULE_TYPE_SSL_CONN_HAS_CERT
  109 # 'SSL_VERIFY_RESULT'
  110 L7RULE_TYPE_SSL_VERIFY_RESULT = lib_consts.L7RULE_TYPE_SSL_VERIFY_RESULT
  111 # 'SSL_DN_FIELD'
  112 L7RULE_TYPE_SSL_DN_FIELD = lib_consts.L7RULE_TYPE_SSL_DN_FIELD
  113 SUPPORTED_L7RULE_TYPES = lib_consts.SUPPORTED_L7RULE_TYPES
  114 
  115 # 'ROUND_ROBIN'
  116 LB_ALGORITHM_ROUND_ROBIN = lib_consts.LB_ALGORITHM_ROUND_ROBIN
  117 # 'LEAST_CONNECTIONS'
  118 LB_ALGORITHM_LEAST_CONNECTIONS = lib_consts.LB_ALGORITHM_LEAST_CONNECTIONS
  119 # 'SOURCE_IP'
  120 LB_ALGORITHM_SOURCE_IP = lib_consts.LB_ALGORITHM_SOURCE_IP
  121 SUPPORTED_LB_ALGORITHMS = lib_consts.SUPPORTED_LB_ALGORITHMS
  122 
  123 # 'operating_status'
  124 OPERATING_STATUS = lib_consts.OPERATING_STATUS
  125 # 'ONLINE'
  126 ONLINE = lib_consts.ONLINE
  127 # 'OFFLINE'
  128 OFFLINE = lib_consts.OFFLINE
  129 # 'DEGRADED'
  130 DEGRADED = lib_consts.DEGRADED
  131 # 'ERROR'
  132 ERROR = lib_consts.ERROR
  133 # 'DRAINING'
  134 DRAINING = lib_consts.DRAINING
  135 # 'NO_MONITOR'
  136 NO_MONITOR = lib_consts.NO_MONITOR
  137 # 'operating_status'
  138 SUPPORTED_OPERATING_STATUSES = lib_consts.SUPPORTED_OPERATING_STATUSES
  139 
  140 # 'TCP'
  141 PROTOCOL_TCP = lib_consts.PROTOCOL_TCP
  142 # 'UDP'
  143 PROTOCOL_UDP = lib_consts.PROTOCOL_UDP
  144 # 'HTTP'
  145 PROTOCOL_HTTP = lib_consts.PROTOCOL_HTTP
  146 # 'HTTPS'
  147 PROTOCOL_HTTPS = lib_consts.PROTOCOL_HTTPS
  148 # 'TERMINATED_HTTPS'
  149 PROTOCOL_TERMINATED_HTTPS = lib_consts.PROTOCOL_TERMINATED_HTTPS
  150 # 'PROXY'
  151 PROTOCOL_PROXY = lib_consts.PROTOCOL_PROXY
  152 SUPPORTED_PROTOCOLS = lib_consts.SUPPORTED_PROTOCOLS
  153 
  154 # 'provisioning_status'
  155 PROVISIONING_STATUS = lib_consts.PROVISIONING_STATUS
  156 # Amphora has been allocated to a load balancer 'ALLOCATED'
  157 AMPHORA_ALLOCATED = lib_consts.AMPHORA_ALLOCATED
  158 # Amphora is being built 'BOOTING'
  159 AMPHORA_BOOTING = lib_consts.AMPHORA_BOOTING
  160 # Amphora is ready to be allocated to a load balancer 'READY'
  161 AMPHORA_READY = lib_consts.AMPHORA_READY
  162 # 'ACTIVE'
  163 ACTIVE = lib_consts.ACTIVE
  164 # 'PENDING_DELETE'
  165 PENDING_DELETE = lib_consts.PENDING_DELETE
  166 # 'PENDING_UPDATE'
  167 PENDING_UPDATE = lib_consts.PENDING_UPDATE
  168 # 'PENDING_CREATE'
  169 PENDING_CREATE = lib_consts.PENDING_CREATE
  170 # 'DELETED'
  171 DELETED = lib_consts.DELETED
  172 SUPPORTED_PROVISIONING_STATUSES = lib_consts.SUPPORTED_PROVISIONING_STATUSES
  173 
  174 # 'SOURCE_IP'
  175 SESSION_PERSISTENCE_SOURCE_IP = lib_consts.SESSION_PERSISTENCE_SOURCE_IP
  176 # 'HTTP_COOKIE'
  177 SESSION_PERSISTENCE_HTTP_COOKIE = lib_consts.SESSION_PERSISTENCE_HTTP_COOKIE
  178 # 'APP_COOKIE'
  179 SESSION_PERSISTENCE_APP_COOKIE = lib_consts.SESSION_PERSISTENCE_APP_COOKIE
  180 SUPPORTED_SP_TYPES = lib_consts.SUPPORTED_SP_TYPES
  181 
  182 # List of HTTP headers which are supported for insertion
  183 SUPPORTED_HTTP_HEADERS = lib_consts.SUPPORTED_HTTP_HEADERS
  184 
  185 # List of SSL headers for client certificate
  186 SUPPORTED_SSL_HEADERS = lib_consts.SUPPORTED_SSL_HEADERS
  187 
  188 ###############################################################################
  189 
  190 HEALTH_MONITOR_DEFAULT_EXPECTED_CODES = '200'
  191 HEALTH_MONITOR_HTTP_DEFAULT_METHOD = lib_consts.HEALTH_MONITOR_HTTP_METHOD_GET
  192 HEALTH_MONITOR_DEFAULT_URL_PATH = '/'
  193 TYPE = 'type'
  194 URL_PATH = 'url_path'
  195 HTTP_METHOD = 'http_method'
  196 HTTP_VERSION = 'http_version'
  197 EXPECTED_CODES = 'expected_codes'
  198 DELAY = 'delay'
  199 TIMEOUT = 'timeout'
  200 MAX_RETRIES = 'max_retries'
  201 MAX_RETRIES_DOWN = 'max_retries_down'
  202 RISE_THRESHOLD = 'rise_threshold'
  203 DOMAIN_NAME = 'domain_name'
  204 
  205 UPDATE_STATS = 'UPDATE_STATS'
  206 UPDATE_HEALTH = 'UPDATE_HEALTH'
  207 
  208 VALID_LISTENER_POOL_PROTOCOL_MAP = {
  209     PROTOCOL_TCP: [PROTOCOL_HTTP, PROTOCOL_HTTPS,
  210                    PROTOCOL_PROXY, lib_consts.PROTOCOL_PROXYV2, PROTOCOL_TCP],
  211     PROTOCOL_HTTP: [PROTOCOL_HTTP, PROTOCOL_PROXY,
  212                     lib_consts.PROTOCOL_PROXYV2],
  213     PROTOCOL_HTTPS: [PROTOCOL_HTTPS, PROTOCOL_PROXY,
  214                      lib_consts.PROTOCOL_PROXYV2, PROTOCOL_TCP],
  215     PROTOCOL_TERMINATED_HTTPS: [PROTOCOL_HTTP, PROTOCOL_PROXY,
  216                                 lib_consts.PROTOCOL_PROXYV2],
  217     PROTOCOL_UDP: [PROTOCOL_UDP],
  218     lib_consts.PROTOCOL_SCTP: [lib_consts.PROTOCOL_SCTP]}
  219 
  220 # API Integer Ranges
  221 MIN_PORT_NUMBER = 1
  222 MAX_PORT_NUMBER = 65535
  223 
  224 DEFAULT_CONNECTION_LIMIT = -1
  225 MIN_CONNECTION_LIMIT = -1
  226 
  227 DEFAULT_WEIGHT = 1
  228 MIN_WEIGHT = 0
  229 MAX_WEIGHT = 256
  230 
  231 DEFAULT_MAX_RETRIES_DOWN = 3
  232 MIN_HM_RETRIES = 1
  233 MAX_HM_RETRIES = 10
  234 
  235 # 1 year:     y     d    h    m    ms
  236 MAX_TIMEOUT = 365 * 24 * 60 * 60 * 1000
  237 MIN_TIMEOUT = 0
  238 
  239 DEFAULT_TIMEOUT_CLIENT_DATA = 50000
  240 DEFAULT_TIMEOUT_MEMBER_CONNECT = 5000
  241 DEFAULT_TIMEOUT_MEMBER_DATA = 50000
  242 DEFAULT_TIMEOUT_TCP_INSPECT = 0
  243 
  244 MUTABLE_STATUSES = (lib_consts.ACTIVE,)
  245 DELETABLE_STATUSES = (lib_consts.ACTIVE, lib_consts.ERROR)
  246 FAILOVERABLE_STATUSES = (lib_consts.ACTIVE, lib_consts.ERROR)
  247 
  248 # Note: The database Amphora table has a foreign key constraint against
  249 #       the provisioning_status table
  250 SUPPORTED_AMPHORA_STATUSES = (
  251     lib_consts.AMPHORA_ALLOCATED, lib_consts.AMPHORA_BOOTING, lib_consts.ERROR,
  252     lib_consts.AMPHORA_READY, lib_consts.DELETED, lib_consts.PENDING_CREATE,
  253     lib_consts.PENDING_DELETE)
  254 
  255 AMPHORA_VM = 'VM'
  256 SUPPORTED_AMPHORA_TYPES = (AMPHORA_VM,)
  257 
  258 DISTINGUISHED_NAME_FIELD_REGEX = lib_consts.DISTINGUISHED_NAME_FIELD_REGEX
  259 
  260 # For redirect, only codes 301, 302, 303, 307 and 308 are # supported.
  261 SUPPORTED_L7POLICY_REDIRECT_HTTP_CODES = [301, 302, 303, 307, 308]
  262 
  263 SUPPORTED_HTTP_VERSIONS = [1.0, 1.1]
  264 
  265 MIN_POLICY_POSITION = 1
  266 # Largest a 32-bit integer can be, which is a limitation
  267 # here if you're using MySQL, as most probably are. This just needs
  268 # to be larger than any existing rule position numbers which will
  269 # definitely be the case with 2147483647
  270 MAX_POLICY_POSITION = 2147483647
  271 
  272 # Testing showed haproxy config failed to parse after more than
  273 # 53 rules per policy
  274 MAX_L7RULES_PER_L7POLICY = 50
  275 
  276 # See RFCs 2616, 2965, 6265, 7230: Should match characters valid in a
  277 # http header or cookie name.
  278 HTTP_HEADER_NAME_REGEX = r'\A[a-zA-Z0-9!#$%&\'*+-.^_`|~]+\Z'
  279 
  280 # See RFCs 2616, 2965, 6265: Should match characters valid in a cookie value.
  281 HTTP_COOKIE_VALUE_REGEX = r'\A[a-zA-Z0-9!#$%&\'()*+-./:<=>?@[\]^_`{|}~]+\Z'
  282 
  283 # See RFC 7230: Should match characters valid in a header value.
  284 HTTP_HEADER_VALUE_REGEX = (r'\A[a-zA-Z0-9'
  285                            r'!"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~\\]+\Z')
  286 
  287 # Also in RFC 7230: Should match characters valid in a header value
  288 # when quoted with double quotes.
  289 HTTP_QUOTED_HEADER_VALUE_REGEX = (r'\A"[a-zA-Z0-9 \t'
  290                                   r'!"#$%&\'()*+,-./:;<=>?@[\]^_`{|}~\\]*"\Z')
  291 
  292 DOMAIN_NAME_REGEX = (
  293     r'^(?=.{1,253}\.?$)(?:(?!-|[^.]+_)[A-Za-z0-9-_]{1,63}(?<!-)(?:\.|$))+$')
  294 
  295 # TaskFlow
  296 SUPPORTED_TASKFLOW_ENGINE_TYPES = ['serial', 'parallel']
  297 
  298 # Task/Flow constants
  299 ACTIVE_CONNECTIONS = 'active_connections'
  300 ADD_NICS = 'add_nics'
  301 ADDED_PORTS = 'added_ports'
  302 ADMIN_STATE_UP = 'admin_state_up'
  303 ALLOWED_ADDRESS_PAIRS = 'allowed_address_pairs'
  304 AMP_DATA = 'amp_data'
  305 AMP_VRRP_INT = 'amp_vrrp_int'
  306 AMPHORA = 'amphora'
  307 AMPHORA_DICT = 'amphora_dict'
  308 AMPHORA_ID = 'amphora_id'
  309 AMPHORA_INDEX = 'amphora_index'
  310 AMPHORA_NETWORK_CONFIG = 'amphora_network_config'
  311 AMPHORAE = 'amphorae'
  312 AMPHORAE_NETWORK_CONFIG = 'amphorae_network_config'
  313 AMPS_DATA = 'amps_data'
  314 ANTI_AFFINITY = 'anti-affinity'
  315 ATTEMPT_NUMBER = 'attempt_number'
  316 BASE_PORT = 'base_port'
  317 BYTES_IN = 'bytes_in'
  318 BYTES_OUT = 'bytes_out'
  319 CACHED_ZONE = 'cached_zone'
  320 CA_TLS_CERTIFICATE_ID = 'ca_tls_certificate_id'
  321 CIDR = 'cidr'
  322 CLIENT_CA_TLS_CERTIFICATE_ID = 'client_ca_tls_certificate_id'
  323 CLIENT_CRL_CONTAINER_ID = 'client_crl_container_id'
  324 COMPUTE_ID = 'compute_id'
  325 COMPUTE_OBJ = 'compute_obj'
  326 COMPUTE_ZONE = 'compute_zone'
  327 CONN_MAX_RETRIES = 'conn_max_retries'
  328 CONN_RETRY_INTERVAL = 'conn_retry_interval'
  329 CREATED_AT = 'created_at'
  330 CRL_CONTAINER_ID = 'crl_container_id'
  331 DEFAULT_TLS_CONTAINER_DATA = 'default_tls_container_data'
  332 DELETE_NICS = 'delete_nics'
  333 DELTA = 'delta'
  334 DELTAS = 'deltas'
  335 DESCRIPTION = 'description'
  336 DEVICE_OWNER = 'device_owner'
  337 ENABLED = 'enabled'
  338 FAILED_AMP_VRRP_PORT_ID = 'failed_amp_vrrp_port_id'
  339 FAILED_AMPHORA = 'failed_amphora'
  340 FAILOVER_AMPHORA = 'failover_amphora'
  341 FAILOVER_AMPHORA_ID = 'failover_amphora_id'
  342 FIELDS = 'fields'
  343 FIXED_IPS = 'fixed_ips'
  344 FLAVOR_ID = 'flavor_id'
  345 HA_IP = 'ha_ip'
  346 HA_PORT_ID = 'ha_port_id'
  347 HEALTH_MON = 'health_mon'
  348 HEALTH_MONITOR = 'health_monitor'
  349 HEALTH_MONITOR_ID = 'health_monitor_id'
  350 HEALTHMONITOR_ID = 'healthmonitor_id'
  351 HEALTH_MONITOR_UPDATES = 'health_monitor_updates'
  352 ID = 'id'
  353 IMAGE_ID = 'image_id'
  354 IP_ADDRESS = 'ip_address'
  355 IPV6_ICMP = 'ipv6-icmp'
  356 LB_NETWORK_IP = 'lb_network_ip'
  357 L7POLICY = 'l7policy'
  358 L7POLICY_ID = 'l7policy_id'
  359 L7POLICY_UPDATES = 'l7policy_updates'
  360 L7RULE = 'l7rule'
  361 L7RULE_ID = 'l7rule_id'
  362 L7RULE_UPDATES = 'l7rule_updates'
  363 LISTENER = 'listener'
  364 LISTENER_ID = 'listener_id'
  365 LISTENER_UPDATES = 'listener_updates'
  366 LOADBALANCER = 'loadbalancer'
  367 LOADBALANCER_ID = 'loadbalancer_id'
  368 LOAD_BALANCER_ID = 'load_balancer_id'
  369 LOAD_BALANCER_UPDATES = 'load_balancer_updates'
  370 MANAGEMENT_NETWORK = 'management_network'
  371 MEMBER = 'member'
  372 MEMBER_ID = 'member_id'
  373 MEMBER_PORTS = 'member_ports'
  374 MEMBER_UPDATES = 'member_updates'
  375 MESSAGE = 'message'
  376 NAME = 'name'
  377 NETWORK = 'network'
  378 NETWORK_ID = 'network_id'
  379 NICS = 'nics'
  380 OBJECT = 'object'
  381 ORIGINAL_HEALTH_MONITOR = 'original_health_monitor'
  382 ORIGINAL_L7POLICY = 'original_l7policy'
  383 ORIGINAL_L7RULE = 'original_l7rule'
  384 ORIGINAL_LISTENER = 'original_listener'
  385 ORIGINAL_LOADBALANCER = 'original_load_balancer'
  386 ORIGINAL_MEMBER = 'original_member'
  387 ORIGINAL_POOL = 'original_pool'
  388 PASSIVE_FAILURE = 'passive_failure'
  389 PEER_PORT = 'peer_port'
  390 POOL = 'pool'
  391 POOL_CHILD_COUNT = 'pool_child_count'
  392 POOL_ID = 'pool_id'
  393 POOL_UPDATES = 'pool_updates'
  394 PORT = 'port'
  395 PORT_ID = 'port_id'
  396 PORTS = 'ports'
  397 PROJECT_ID = 'project_id'
  398 PROVIDER = 'provider'
  399 PROVIDER_NAME = 'provider_name'
  400 QOS_POLICY_ID = 'qos_policy_id'
  401 REDIRECT_POOL = 'redirect_pool'
  402 REQ_CONN_TIMEOUT = 'req_conn_timeout'
  403 REQ_READ_TIMEOUT = 'req_read_timeout'
  404 REQUEST_ERRORS = 'request_errors'
  405 ROLE = 'role'
  406 SECURITY_GROUPS = 'security_groups'
  407 SECURITY_GROUP_RULES = 'security_group_rules'
  408 SERVER_GROUP_ID = 'server_group_id'
  409 SERVER_PEM = 'server_pem'
  410 SNI_CONTAINER_DATA = 'sni_container_data'
  411 SNI_CONTAINERS = 'sni_containers'
  412 SOFT_ANTI_AFFINITY = 'soft-anti-affinity'
  413 STATUS = 'status'
  414 STATUS_CODE = 'status_code'
  415 SUBNET = 'subnet'
  416 SUBNET_ID = 'subnet_id'
  417 TAGS = 'tags'
  418 TENANT_ID = 'tenant_id'
  419 TIMEOUT_DICT = 'timeout_dict'
  420 TLS_CERTIFICATE_ID = 'tls_certificate_id'
  421 TLS_CONTAINER_ID = 'tls_container_id'
  422 TOPOLOGY = 'topology'
  423 TOTAL_CONNECTIONS = 'total_connections'
  424 UPDATED_AT = 'updated_at'
  425 UPDATE_DICT = 'update_dict'
  426 VALID_VIP_NETWORKS = 'valid_vip_networks'
  427 VIP = 'vip'
  428 VIP_ADDRESS = 'vip_address'
  429 VIP_NETWORK = 'vip_network'
  430 VIP_PORT_ID = 'vip_port_id'
  431 VIP_QOS_POLICY_ID = 'vip_qos_policy_id'
  432 VIP_SG_ID = 'vip_sg_id'
  433 VIP_SUBNET = 'vip_subnet'
  434 VIP_SUBNET_ID = 'vip_subnet_id'
  435 VRRP_ID = 'vrrp_id'
  436 VRRP_IP = 'vrrp_ip'
  437 VRRP_GROUP = 'vrrp_group'
  438 VRRP_PORT = 'vrrp_port'
  439 VRRP_PORT_ID = 'vrrp_port_id'
  440 VRRP_PRIORITY = 'vrrp_priority'
  441 
  442 # Taskflow flow and task names
  443 CERT_ROTATE_AMPHORA_FLOW = 'octavia-cert-rotate-amphora-flow'
  444 CREATE_AMPHORA_FLOW = 'octavia-create-amphora-flow'
  445 CREATE_AMPHORA_RETRY_SUBFLOW = 'octavia-create-amphora-retry-subflow'
  446 CREATE_AMPHORA_FOR_LB_FLOW = 'octavia-create-amp-for-lb-flow'
  447 CREATE_HEALTH_MONITOR_FLOW = 'octavia-create-health-monitor-flow'
  448 CREATE_LISTENER_FLOW = 'octavia-create-listener_flow'
  449 PRE_CREATE_LOADBALANCER_FLOW = 'octavia-pre-create-loadbalancer-flow'
  450 CREATE_SERVER_GROUP_FLOW = 'octavia-create-server-group-flow'
  451 UPDATE_LB_SERVERGROUPID_FLOW = 'octavia-update-lb-server-group-id-flow'
  452 CREATE_LISTENERS_FLOW = 'octavia-create-all-listeners-flow'
  453 CREATE_LOADBALANCER_FLOW = 'octavia-create-loadbalancer-flow'
  454 CREATE_LOADBALANCER_GRAPH_FLOW = 'octavia-create-loadbalancer-graph-flow'
  455 CREATE_MEMBER_FLOW = 'octavia-create-member-flow'
  456 CREATE_POOL_FLOW = 'octavia-create-pool-flow'
  457 CREATE_L7POLICY_FLOW = 'octavia-create-l7policy-flow'
  458 CREATE_L7RULE_FLOW = 'octavia-create-l7rule-flow'
  459 DELETE_AMPHORA_FLOW = 'octavia-delete-amphora-flow'
  460 DELETE_EXTRA_AMPHORAE_FLOW = 'octavia-delete-extra-amphorae-flow'
  461 DELETE_HEALTH_MONITOR_FLOW = 'octavia-delete-health-monitor-flow'
  462 DELETE_LISTENER_FLOW = 'octavia-delete-listener_flow'
  463 DELETE_LOADBALANCER_FLOW = 'octavia-delete-loadbalancer-flow'
  464 DELETE_MEMBER_FLOW = 'octavia-delete-member-flow'
  465 DELETE_POOL_FLOW = 'octavia-delete-pool-flow'
  466 DELETE_L7POLICY_FLOW = 'octavia-delete-l7policy-flow'
  467 DELETE_L7RULE_FLOW = 'octavia-delete-l7policy-flow'
  468 FAILOVER_AMPHORA_FLOW = 'octavia-failover-amphora-flow'
  469 FAILOVER_LOADBALANCER_FLOW = 'octavia-failover-loadbalancer-flow'
  470 FINALIZE_AMPHORA_FLOW = 'octavia-finalize-amphora-flow'
  471 LOADBALANCER_NETWORKING_SUBFLOW = 'octavia-new-loadbalancer-net-subflow'
  472 UPDATE_HEALTH_MONITOR_FLOW = 'octavia-update-health-monitor-flow'
  473 UPDATE_LISTENER_FLOW = 'octavia-update-listener-flow'
  474 UPDATE_LOADBALANCER_FLOW = 'octavia-update-loadbalancer-flow'
  475 UPDATE_MEMBER_FLOW = 'octavia-update-member-flow'
  476 UPDATE_POOL_FLOW = 'octavia-update-pool-flow'
  477 UPDATE_L7POLICY_FLOW = 'octavia-update-l7policy-flow'
  478 UPDATE_L7RULE_FLOW = 'octavia-update-l7rule-flow'
  479 UPDATE_AMPS_SUBFLOW = 'octavia-update-amps-subflow'
  480 UPDATE_AMPHORA_CONFIG_FLOW = 'octavia-update-amp-config-flow'
  481 
  482 POST_MAP_AMP_TO_LB_SUBFLOW = 'octavia-post-map-amp-to-lb-subflow'
  483 CREATE_AMP_FOR_LB_SUBFLOW = 'octavia-create-amp-for-lb-subflow'
  484 CREATE_AMP_FOR_FAILOVER_SUBFLOW = 'octavia-create-amp-for-failover-subflow'
  485 AMP_PLUG_NET_SUBFLOW = 'octavia-plug-net-subflow'
  486 GET_AMPHORA_FOR_LB_SUBFLOW = 'octavia-get-amphora-for-lb-subflow'
  487 POST_LB_AMP_ASSOCIATION_SUBFLOW = (
  488     'octavia-post-loadbalancer-amp_association-subflow')
  489 AMPHORA_LISTENER_START_SUBFLOW = 'amphora-listener-start-subflow'
  490 AMPHORA_LISTENER_RELOAD_SUBFLOW = 'amphora-listener-start-subflow'
  491 
  492 MAP_LOADBALANCER_TO_AMPHORA = 'octavia-mapload-balancer-to-amphora'
  493 RELOAD_AMPHORA = 'octavia-reload-amphora'
  494 CREATE_AMPHORA_INDB = 'octavia-create-amphora-indb'
  495 GENERATE_SERVER_PEM = 'octavia-generate-serverpem'
  496 UPDATE_CERT_EXPIRATION = 'octavia-update-cert-expiration'
  497 CERT_COMPUTE_CREATE = 'octavia-cert-compute-create'
  498 COMPUTE_CREATE = 'octavia-compute-create'
  499 UPDATE_AMPHORA_COMPUTEID = 'octavia-update-amphora-computeid'
  500 MARK_AMPHORA_BOOTING_INDB = 'octavia-mark-amphora-booting-indb'
  501 WAIT_FOR_AMPHORA = 'octavia-wait_for_amphora'
  502 COMPUTE_WAIT = 'octavia-compute-wait'
  503 UPDATE_AMPHORA_INFO = 'octavia-update-amphora-info'
  504 AMPHORA_FINALIZE = 'octavia-amphora-finalize'
  505 MARK_AMPHORA_ALLOCATED_INDB = 'octavia-mark-amphora-allocated-indb'
  506 MARK_AMPHORA_READY_INDB = 'octavia-mark-amphora-ready-indb'
  507 MARK_LB_ACTIVE_INDB = 'octavia-mark-lb-active-indb'
  508 MARK_AMP_MASTER_INDB = 'octavia-mark-amp-master-indb'
  509 MARK_AMP_BACKUP_INDB = 'octavia-mark-amp-backup-indb'
  510 MARK_AMP_STANDALONE_INDB = 'octavia-mark-amp-standalone-indb'
  511 GET_VRRP_SUBFLOW = 'octavia-get-vrrp-subflow'
  512 AMP_VRRP_UPDATE = 'octavia-amphora-vrrp-update'
  513 AMP_VRRP_START = 'octavia-amphora-vrrp-start'
  514 AMP_VRRP_STOP = 'octavia-amphora-vrrp-stop'
  515 AMP_UPDATE_VRRP_INTF = 'octavia-amphora-update-vrrp-intf'
  516 CREATE_VRRP_GROUP_FOR_LB = 'octavia-create-vrrp-group-for-lb'
  517 CREATE_VRRP_SECURITY_RULES = 'octavia-create-vrrp-security-rules'
  518 AMP_COMPUTE_CONNECTIVITY_WAIT = 'octavia-amp-compute-connectivity-wait'
  519 AMP_LISTENER_UPDATE = 'octavia-amp-listeners-update'
  520 AMP_LISTENER_START = 'octavia-amp-listeners-start'
  521 PLUG_VIP_AMPHORA = 'octavia-amp-plug-vip'
  522 APPLY_QOS_AMP = 'octavia-amp-apply-qos'
  523 UPDATE_AMPHORA_VIP_DATA = 'ocatvia-amp-update-vip-data'
  524 GET_AMP_NETWORK_CONFIG = 'octavia-amp-get-network-config'
  525 AMP_POST_VIP_PLUG = 'octavia-amp-post-vip-plug'
  526 GENERATE_SERVER_PEM_TASK = 'GenerateServerPEMTask'
  527 AMPHORA_CONFIG_UPDATE_TASK = 'AmphoraConfigUpdateTask'
  528 FIRST_AMP_NETWORK_CONFIGS = 'first-amp-network-configs'
  529 FIRST_AMP_VRRP_INTERFACE = 'first-amp-vrrp_interface'
  530 
  531 # Batch Member Update constants
  532 UNORDERED_MEMBER_UPDATES_FLOW = 'octavia-unordered-member-updates-flow'
  533 UNORDERED_MEMBER_ACTIVE_FLOW = 'octavia-unordered-member-active-flow'
  534 UPDATE_ATTRIBUTES_FLOW = 'octavia-update-attributes-flow'
  535 DELETE_MODEL_OBJECT_FLOW = 'octavia-delete-model-object-flow'
  536 BATCH_UPDATE_MEMBERS_FLOW = 'octavia-batch-update-members-flow'
  537 MEMBER_TO_ERROR_ON_REVERT_FLOW = 'octavia-member-to-error-on-revert-flow'
  538 DECREMENT_MEMBER_QUOTA_FLOW = 'octavia-decrement-member-quota-flow'
  539 MARK_MEMBER_ACTIVE_INDB = 'octavia-mark-member-active-indb'
  540 UPDATE_MEMBER_INDB = 'octavia-update-member-indb'
  541 DELETE_MEMBER_INDB = 'octavia-delete-member-indb'
  542 
  543 # Task Names
  544 ADMIN_DOWN_PORT = 'admin-down-port'
  545 AMPHORA_POST_VIP_PLUG = 'amphora-post-vip-plug'
  546 AMPHORA_RELOAD_LISTENER = 'amphora-reload-listener'
  547 AMPHORA_TO_ERROR_ON_REVERT = 'amphora-to-error-on-revert'
  548 AMPHORAE_POST_NETWORK_PLUG = 'amphorae-post-network-plug'
  549 ATTACH_PORT = 'attach-port'
  550 CALCULATE_AMPHORA_DELTA = 'calculate-amphora-delta'
  551 CREATE_VIP_BASE_PORT = 'create-vip-base-port'
  552 DELETE_AMPHORA = 'delete-amphora'
  553 DELETE_PORT = 'delete-port'
  554 DISABLE_AMP_HEALTH_MONITORING = 'disable-amphora-health-monitoring'
  555 GET_AMPHORA_NETWORK_CONFIGS_BY_ID = 'get-amphora-network-configs-by-id'
  556 GET_AMPHORAE_FROM_LB = 'get-amphorae-from-lb'
  557 HANDLE_NETWORK_DELTA = 'handle-network-delta'
  558 MARK_AMPHORA_DELETED = 'mark-amphora-deleted'
  559 MARK_AMPHORA_PENDING_DELETE = 'mark-amphora-pending-delete'
  560 MARK_AMPHORA_HEALTH_BUSY = 'mark-amphora-health-busy'
  561 RELOAD_AMP_AFTER_PLUG_VIP = 'reload-amp-after-plug-vip'
  562 RELOAD_LB_AFTER_AMP_ASSOC = 'reload-lb-after-amp-assoc'
  563 RELOAD_LB_AFTER_AMP_ASSOC_FULL_GRAPH = 'reload-lb-after-amp-assoc-full-graph'
  564 RELOAD_LB_AFTER_PLUG_VIP = 'reload-lb-after-plug-vip'
  565 RELOAD_LB_BEFOR_ALLOCATE_VIP = 'reload-lb-before-allocate-vip'
  566 UPDATE_AMP_FAILOVER_DETAILS = 'update-amp-failover-details'
  567 
  568 
  569 NOVA_1 = '1.1'
  570 NOVA_21 = '2.1'
  571 NOVA_3 = '3'
  572 NOVA_VERSIONS = (NOVA_1, NOVA_21, NOVA_3)
  573 
  574 # Auth sections
  575 SERVICE_AUTH = 'service_auth'
  576 
  577 RPC_NAMESPACE_CONTROLLER_AGENT = 'controller'
  578 
  579 # Build Type Priority
  580 LB_CREATE_FAILOVER_PRIORITY = 20
  581 LB_CREATE_NORMAL_PRIORITY = 40
  582 LB_CREATE_SPARES_POOL_PRIORITY = 60
  583 LB_CREATE_ADMIN_FAILOVER_PRIORITY = 80
  584 BUILD_TYPE_PRIORITY = 'build_type_priority'
  585 
  586 # Active standalone roles and topology
  587 TOPOLOGY_SINGLE = 'SINGLE'
  588 TOPOLOGY_ACTIVE_STANDBY = 'ACTIVE_STANDBY'
  589 ROLE_MASTER = 'MASTER'
  590 ROLE_BACKUP = 'BACKUP'
  591 ROLE_STANDALONE = 'STANDALONE'
  592 
  593 SUPPORTED_LB_TOPOLOGIES = (TOPOLOGY_ACTIVE_STANDBY, TOPOLOGY_SINGLE)
  594 SUPPORTED_AMPHORA_ROLES = (ROLE_BACKUP, ROLE_MASTER, ROLE_STANDALONE)
  595 
  596 TOPOLOGY_STATUS_OK = 'OK'
  597 
  598 ROLE_MASTER_PRIORITY = 100
  599 ROLE_BACKUP_PRIORITY = 90
  600 
  601 VRRP_AUTH_DEFAULT = 'PASS'
  602 VRRP_AUTH_AH = 'AH'
  603 SUPPORTED_VRRP_AUTH = (VRRP_AUTH_DEFAULT, VRRP_AUTH_AH)
  604 
  605 KEEPALIVED_CMD = '/usr/sbin/keepalived '
  606 # The DEFAULT_VRRP_ID value needs to be variable for multi tenant support
  607 # per amphora in the future
  608 DEFAULT_VRRP_ID = 1
  609 VRRP_PROTOCOL_NUM = 112
  610 AUTH_HEADER_PROTOCOL_NUMBER = 51
  611 
  612 TEMPLATES = '/templates'
  613 AGENT_API_TEMPLATES = '/templates'
  614 LOGGING_TEMPLATES = '/templates'
  615 
  616 AGENT_CONF_TEMPLATE = 'amphora_agent_conf.template'
  617 LOGGING_CONF_TEMPLATE = '10-rsyslog.conf.template'
  618 USER_DATA_CONFIG_DRIVE_TEMPLATE = 'user_data_config_drive.template'
  619 
  620 OPEN = 'OPEN'
  621 FULL = 'FULL'
  622 
  623 # OPEN = HAProxy listener status nbconn < maxconn
  624 # FULL = HAProxy listener status not nbconn < maxconn
  625 HAPROXY_LISTENER_STATUSES = (OPEN, FULL)
  626 
  627 UP = 'UP'
  628 DOWN = 'DOWN'
  629 
  630 # UP = HAProxy backend has working or no servers
  631 # DOWN = HAProxy backend has no working servers
  632 HAPROXY_BACKEND_STATUSES = (UP, DOWN)
  633 
  634 
  635 DRAIN = 'DRAIN'
  636 MAINT = 'MAINT'
  637 NO_CHECK = 'no check'
  638 
  639 # DRAIN = member is weight 0 and is in draining mode
  640 # MAINT = member is downed for maintenance? not sure when this happens
  641 # NO_CHECK = no health monitor is enabled
  642 HAPROXY_MEMBER_STATUSES = (UP, DOWN, DRAIN, MAINT, NO_CHECK)
  643 
  644 # Default number of concurrent connections in a HAProxy listener.
  645 HAPROXY_DEFAULT_MAXCONN = 50000
  646 
  647 # Current maximum number of conccurent connections in HAProxy.
  648 # This is limited by the systemd "LimitNOFILE" and
  649 # the sysctl fs.file-max fs.nr_open settings in the image
  650 HAPROXY_MAX_MAXCONN = 1000000
  651 
  652 RESTARTING = 'RESTARTING'
  653 
  654 # Quota Constants
  655 QUOTA_UNLIMITED = -1
  656 MIN_QUOTA = QUOTA_UNLIMITED
  657 MAX_QUOTA = 2000000000
  658 
  659 API_VERSION = '0.5'
  660 
  661 HAPROXY_BASE_PEER_PORT = 1025
  662 KEEPALIVED_JINJA2_UPSTART = 'keepalived.upstart.j2'
  663 KEEPALIVED_JINJA2_SYSTEMD = 'keepalived.systemd.j2'
  664 KEEPALIVED_JINJA2_SYSVINIT = 'keepalived.sysvinit.j2'
  665 CHECK_SCRIPT_CONF = 'keepalived_check_script.conf.j2'
  666 KEEPALIVED_CHECK_SCRIPT = 'keepalived_lvs_check_script.sh.j2'
  667 
  668 PLUGGED_INTERFACES = '/var/lib/octavia/plugged_interfaces'
  669 HAPROXY_USER_GROUP_CFG = '/var/lib/octavia/haproxy-default-user-group.conf'
  670 AMPHORA_NAMESPACE = 'amphora-haproxy'
  671 
  672 FLOW_DOC_TITLES = {'AmphoraFlows': 'Amphora Flows',
  673                    'LoadBalancerFlows': 'Load Balancer Flows',
  674                    'ListenerFlows': 'Listener Flows',
  675                    'PoolFlows': 'Pool Flows',
  676                    'MemberFlows': 'Member Flows',
  677                    'HealthMonitorFlows': 'Health Monitor Flows',
  678                    'L7PolicyFlows': 'Layer 7 Policy Flows',
  679                    'L7RuleFlows': 'Layer 7 Rule Flows'}
  680 
  681 NETNS_PRIMARY_INTERFACE = 'eth1'
  682 SYSCTL_CMD = '/sbin/sysctl'
  683 
  684 AMP_ACTION_START = 'start'
  685 AMP_ACTION_STOP = 'stop'
  686 AMP_ACTION_RELOAD = 'reload'
  687 AMP_ACTION_RESTART = 'restart'
  688 GLANCE_IMAGE_ACTIVE = 'active'
  689 
  690 INIT_SYSTEMD = 'systemd'
  691 INIT_UPSTART = 'upstart'
  692 INIT_SYSVINIT = 'sysvinit'
  693 INIT_UNKOWN = 'unknown'
  694 VALID_INIT_SYSTEMS = (INIT_SYSTEMD, INIT_SYSVINIT, INIT_UPSTART)
  695 INIT_PATH = '/sbin/init'
  696 
  697 SYSTEMD_DIR = '/usr/lib/systemd/system'
  698 SYSVINIT_DIR = '/etc/init.d'
  699 UPSTART_DIR = '/etc/init'
  700 
  701 INIT_PROC_COMM_PATH = '/proc/1/comm'
  702 
  703 KEEPALIVED_SYSTEMD = 'octavia-keepalived.service'
  704 KEEPALIVED_SYSVINIT = 'octavia-keepalived'
  705 KEEPALIVED_UPSTART = 'octavia-keepalived.conf'
  706 
  707 KEEPALIVED_SYSTEMD_PREFIX = 'octavia-keepalivedlvs-%s.service'
  708 KEEPALIVED_SYSVINIT_PREFIX = 'octavia-keepalivedlvs-%s'
  709 KEEPALIVED_UPSTART_PREFIX = 'octavia-keepalivedlvs-%s.conf'
  710 
  711 # Authentication
  712 KEYSTONE = 'keystone'
  713 NOAUTH = 'noauth'
  714 TESTING = 'testing'
  715 
  716 # Amphora distro-specific data
  717 UBUNTU_AMP_NET_DIR_TEMPLATE = '/etc/netns/{netns}/network/interfaces.d/'
  718 RH_AMP_NET_DIR_TEMPLATE = '/etc/netns/{netns}/sysconfig/network-scripts/'
  719 UBUNTU = 'ubuntu'
  720 CENTOS = 'centos'
  721 
  722 # Pagination, sorting, filtering values
  723 APPLICATION_JSON = 'application/json'
  724 PAGINATION_HELPER = 'pagination_helper'
  725 ASC = 'asc'
  726 DESC = 'desc'
  727 ALLOWED_SORT_DIR = (ASC, DESC)
  728 DEFAULT_SORT_DIR = ASC
  729 DEFAULT_SORT_KEYS = ['created_at', 'id']
  730 DEFAULT_PAGE_SIZE = 1000
  731 
  732 # RBAC
  733 LOADBALANCER_API = 'os_load-balancer_api'
  734 
  735 RULE_API_ADMIN = 'rule:load-balancer:admin'
  736 RULE_API_READ = 'rule:load-balancer:read'
  737 RULE_API_READ_GLOBAL = 'rule:load-balancer:read-global'
  738 RULE_API_WRITE = 'rule:load-balancer:write'
  739 RULE_API_READ_QUOTA = 'rule:load-balancer:read-quota'
  740 RULE_API_READ_QUOTA_GLOBAL = 'rule:load-balancer:read-quota-global'
  741 RULE_API_WRITE_QUOTA = 'rule:load-balancer:write-quota'
  742 
  743 RBAC_LOADBALANCER = '{}:loadbalancer:'.format(LOADBALANCER_API)
  744 RBAC_LISTENER = '{}:listener:'.format(LOADBALANCER_API)
  745 RBAC_POOL = '{}:pool:'.format(LOADBALANCER_API)
  746 RBAC_MEMBER = '{}:member:'.format(LOADBALANCER_API)
  747 RBAC_HEALTHMONITOR = '{}:healthmonitor:'.format(LOADBALANCER_API)
  748 RBAC_L7POLICY = '{}:l7policy:'.format(LOADBALANCER_API)
  749 RBAC_L7RULE = '{}:l7rule:'.format(LOADBALANCER_API)
  750 RBAC_QUOTA = '{}:quota:'.format(LOADBALANCER_API)
  751 RBAC_AMPHORA = '{}:amphora:'.format(LOADBALANCER_API)
  752 RBAC_PROVIDER = '{}:provider:'.format(LOADBALANCER_API)
  753 RBAC_PROVIDER_FLAVOR = '{}:provider-flavor:'.format(LOADBALANCER_API)
  754 RBAC_PROVIDER_AVAILABILITY_ZONE = '{}:provider-availability-zone:'.format(
  755     LOADBALANCER_API)
  756 RBAC_FLAVOR = '{}:flavor:'.format(LOADBALANCER_API)
  757 RBAC_FLAVOR_PROFILE = '{}:flavor-profile:'.format(LOADBALANCER_API)
  758 RBAC_AVAILABILITY_ZONE = '{}:availability-zone:'.format(LOADBALANCER_API)
  759 RBAC_AVAILABILITY_ZONE_PROFILE = '{}:availability-zone-profile:'.format(
  760     LOADBALANCER_API)
  761 
  762 RBAC_POST = 'post'
  763 RBAC_PUT = 'put'
  764 RBAC_PUT_CONFIG = 'put_config'
  765 RBAC_PUT_FAILOVER = 'put_failover'
  766 RBAC_DELETE = 'delete'
  767 RBAC_GET_ONE = 'get_one'
  768 RBAC_GET_ALL = 'get_all'
  769 RBAC_GET_ALL_GLOBAL = 'get_all-global'
  770 RBAC_GET_DEFAULTS = 'get_defaults'
  771 RBAC_GET_STATS = 'get_stats'
  772 RBAC_GET_STATUS = 'get_status'
  773 
  774 RBAC_SCOPE_PROJECT = 'project'
  775 RBAC_SCOPE_SYSTEM = 'system'
  776 
  777 RBAC_ROLES_DEPRECATED_REASON = (
  778     'The Octavia API now requires the OpenStack default roles and scoped '
  779     'tokens. '
  780     'See https://docs.openstack.org/octavia/latest/configuration/policy.html '
  781     'and https://docs.openstack.org/keystone/latest/contributor/'
  782     'services.html#reusable-default-roles for more information.')
  783 
  784 # PROVIDERS
  785 OCTAVIA = 'octavia'
  786 AMPHORAV2 = 'amphorav2'
  787 
  788 # systemctl commands
  789 DISABLE = 'disable'
  790 ENABLE = 'enable'
  791 
  792 # systemd amphora netns service prefix
  793 AMP_NETNS_SVC_PREFIX = 'amphora-netns'
  794 
  795 # Amphora Feature Compatibility
  796 HTTP_REUSE = 'has_http_reuse'
  797 POOL_ALPN = 'has_pool_alpn'
  798 
  799 # TODO(johnsom) convert these to octavia_lib constants
  800 # once octavia is transitioned to use octavia_lib
  801 FLAVOR = 'flavor'
  802 FLAVOR_DATA = 'flavor_data'
  803 AVAILABILITY_ZONE = 'availability_zone'
  804 AVAILABILITY_ZONE_DATA = 'availability_zone_data'
  805 
  806 # Flavor metadata
  807 LOADBALANCER_TOPOLOGY = 'loadbalancer_topology'
  808 COMPUTE_FLAVOR = 'compute_flavor'
  809 AMP_IMAGE_TAG = 'amp_image_tag'
  810 
  811 # TODO(johnsom) move to octavia_lib
  812 # client certification authorization option
  813 CLIENT_AUTH_NONE = 'NONE'
  814 CLIENT_AUTH_OPTIONAL = 'OPTIONAL'
  815 CLIENT_AUTH_MANDATORY = 'MANDATORY'
  816 SUPPORTED_CLIENT_AUTH_MODES = [CLIENT_AUTH_NONE, CLIENT_AUTH_OPTIONAL,
  817                                CLIENT_AUTH_MANDATORY]
  818 
  819 TOPIC_AMPHORA_V2 = 'octavia_provisioning_v2'
  820 
  821 HAPROXY_HTTP_PROTOCOLS = [lib_consts.PROTOCOL_HTTP,
  822                           lib_consts.PROTOCOL_TERMINATED_HTTPS]
  823 
  824 LVS_PROTOCOLS = [PROTOCOL_UDP,
  825                  lib_consts.PROTOCOL_SCTP]
  826 
  827 HAPROXY_BACKEND = 'HAPROXY'
  828 LVS_BACKEND = 'LVS'
  829 
  830 # Map each supported protocol to its L4 protocol
  831 L4_PROTOCOL_MAP = {
  832     PROTOCOL_TCP: PROTOCOL_TCP,
  833     PROTOCOL_HTTP: PROTOCOL_TCP,
  834     PROTOCOL_HTTPS: PROTOCOL_TCP,
  835     PROTOCOL_TERMINATED_HTTPS: PROTOCOL_TCP,
  836     PROTOCOL_PROXY: PROTOCOL_TCP,
  837     lib_consts.PROTOCOL_PROXYV2: PROTOCOL_TCP,
  838     PROTOCOL_UDP: PROTOCOL_UDP,
  839     lib_consts.PROTOCOL_SCTP: lib_consts.PROTOCOL_SCTP,
  840 }
  841 
  842 # Image drivers
  843 SUPPORTED_IMAGE_DRIVERS = ['image_noop_driver',
  844                            'image_glance_driver']
  845 
  846 # Volume drivers
  847 VOLUME_NOOP_DRIVER = 'volume_noop_driver'
  848 SUPPORTED_VOLUME_DRIVERS = [VOLUME_NOOP_DRIVER,
  849                             'volume_cinder_driver']
  850 
  851 # Cinder volume driver constants
  852 CINDER_STATUS_AVAILABLE = 'available'
  853 CINDER_STATUS_ERROR = 'error'
  854 CINDER_ACTION_CREATE_VOLUME = 'create volume'
  855 
  856 # The nil UUID (used in octavia for deleted references) - RFC 4122
  857 NIL_UUID = '00000000-0000-0000-0000-000000000000'
  858 
  859 # OpenSSL cipher strings
  860 CIPHERS_OWASP_SUITE_B = ('TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:'
  861                          'TLS_AES_128_GCM_SHA256:DHE-RSA-AES256-GCM-SHA384:'
  862                          'DHE-RSA-AES128-GCM-SHA256:'
  863                          'ECDHE-RSA-AES256-GCM-SHA384:'
  864                          'ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA256:'
  865                          'DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:'
  866                          'ECDHE-RSA-AES128-SHA256')
  867 
  868 TLS_VERSIONS_OWASP_SUITE_B = [lib_consts.TLS_VERSION_1_2,
  869                               lib_consts.TLS_VERSION_1_3]
  870 
  871 # All supported TLS versions in ascending order (oldest to newest)
  872 TLS_ALL_VERSIONS = [
  873     lib_consts.SSL_VERSION_3,
  874     lib_consts.TLS_VERSION_1,
  875     lib_consts.TLS_VERSION_1_1,
  876     lib_consts.TLS_VERSION_1_2,
  877     lib_consts.TLS_VERSION_1_3
  878 ]
  879 
  880 VIP_SECURITY_GROUP_PREFIX = 'lb-'
  881 
  882 AMP_BASE_PORT_PREFIX = 'octavia-lb-vrrp-'
  883 OCTAVIA_OWNED = 'octavia_owned'
  884 
  885 # Sadly in the LBaaS v2 API, header insertions are on the listener objects
  886 # but they should be on the pool. Dealing with it until v3.
  887 LISTENER_PROTOCOLS_SUPPORTING_HEADER_INSERTION = [PROTOCOL_HTTP,
  888                                                   PROTOCOL_TERMINATED_HTTPS]
  889 
  890 SUPPORTED_ALPN_PROTOCOLS = [lib_consts.ALPN_PROTOCOL_HTTP_2,
  891                             lib_consts.ALPN_PROTOCOL_HTTP_1_1,
  892                             lib_consts.ALPN_PROTOCOL_HTTP_1_0]
  893 
  894 AMPHORA_SUPPORTED_ALPN_PROTOCOLS = [lib_consts.ALPN_PROTOCOL_HTTP_2,
  895                                     lib_consts.ALPN_PROTOCOL_HTTP_1_1,
  896                                     lib_consts.ALPN_PROTOCOL_HTTP_1_0]