Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- branch1_vpn:
- type: vyatta-machine
- properties:
- netconf_auth:
- user: { get_input: netconf_user }
- password: { get_input: netconf_user }
- key_content: { get_input: netconf_key_content }
- relationships:
- - type: cloudify.relationships.contained_in
- target: vrouter_branch1_VM
- - type: cloudify.relationships.depends_on
- target: branch1_dataplane_dp0s3
- - type: cloudify.relationships.depends_on
- target: branch1_dataplane_dp0s4
- - type: cloudify.relationships.depends_on
- target: branch1_dataplane_dp0s5
- interfaces:
- cloudify.interfaces.lifecycle:
- create:
- inputs:
- netconf_auth:
- ip: { get_attribute: [ vrouter_branch1_VM, networks, demo_management ]}
- lock:
- - rfc6020@candidate
- back_database: rfc6020@candidate
- front_database: rfc6020@running
- calls:
- - action: rfc6020@edit-config
- validate_xml: false
- payload:
- rfc6020@config:
- vyatta-security-v1@security:
- vyatta-security-vpn-ipsec-v1@vpn:
- vyatta-security-vpn-ipsec-v1@ipsec:
- vyatta-security-vpn-ipsec-v1@esp-group:
- vyatta-security-vpn-ipsec-v1@tagnode: ESP-1W
- vyatta-security-vpn-ipsec-v1@proposal:
- vyatta-security-vpn-ipsec-v1@tagnode: 1
- vyatta-security-vpn-ipsec-v1@encryption: aes256
- vyatta-security-vpn-ipsec-v1@hash: sha1
- vyatta-security-vpn-ipsec-v1@lifetime: 1800
- - action: rfc6020@edit-config
- validate_xml: false
- payload:
- rfc6020@config:
- vyatta-security-v1@security:
- vyatta-security-vpn-ipsec-v1@vpn:
- vyatta-security-vpn-ipsec-v1@ipsec:
- vyatta-security-vpn-ipsec-v1@ike-group:
- vyatta-security-vpn-ipsec-v1@tagnode: IKE-1W
- vyatta-security-vpn-ipsec-v1@proposal:
- vyatta-security-vpn-ipsec-v1@tagnode: 1
- vyatta-security-vpn-ipsec-v1@encryption: aes256
- vyatta-security-vpn-ipsec-v1@hash: sha1
- vyatta-security-vpn-ipsec-v1@lifetime: 3600
- - action: rfc6020@edit-config
- validate_xml: false
- payload:
- rfc6020@config:
- vyatta-if-v1@interfaces:
- vyatta-interfaces-vti-v1@vti:
- vyatta-interfaces-vti-v1@tagnode: vti0
- vyatta-interfaces-vti-v1@address: 172.169.97.249/30
- configure:
- inputs:
- netconf_auth:
- ip: { get_attribute: [ vrouter_branch1_VM, networks, demo_management ]}
- lock:
- - rfc6020@candidate
- back_database: rfc6020@candidate
- front_database: rfc6020@running
- calls:
- - action: rfc6020@get-config
- payload:
- rfc6020@source:
- rfc6020@running: {}
- save_to: origin_interfaces
- - action: rfc6020@edit-config
- validate_xml: false
- payload:
- rfc6020@config:
- vyatta-security-v1@security:
- vyatta-security-vpn-ipsec-v1@vpn:
- vyatta-security-vpn-ipsec-v1@ipsec:
- vyatta-security-vpn-ipsec-v1@site-to-site:
- vyatta-security-vpn-ipsec-v1@peer:
- vyatta-security-vpn-ipsec-v1@tagnode: { get_attribute: [ vrouter_branch2_VM, networks, demo_public ] }
- vyatta-security-vpn-ipsec-v1@authentication:
- vyatta-security-vpn-ipsec-v1@pre-shared-secret: test_key_1
- vyatta-security-vpn-ipsec-v1@ike-group: IKE-1W
- vyatta-security-vpn-ipsec-v1@local-address: { get_attribute: [ vrouter_branch1_VM, networks, demo_public ] }
- vyatta-security-vpn-ipsec-v1@vti:
- vyatta-security-vpn-ipsec-v1@bind: vti0
- vyatta-security-vpn-ipsec-v1@esp-group: ESP-1W
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement