Jump to: navigation, search

Difference between revisions of "OpenStackClient/Commands"

(stack)
(Replaced content with "''[Note: The former content of this page was removed on 23Mar2016 as it was over 15 months out of date. The current information that was formerly on this page can be foun...")
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
__TOC__
+
''[Note: The former content of this page was removed on 23Mar2016 as it was over 15 months out of date.  The current information that was formerly on this page can be found at [http://docs.openstack.org/developer/python-openstackclient/command-list.html OpenStack Documentation]'']
 
 
= Command Structure =
 
 
 
The detailed command structure is described in [[OpenStackClient/HumanInterfaceGuidelines#Command_Structure]].
 
 
 
== Command Arguments ==
 
 
 
* Arguments that normally require an ID in the OS-API may also use the name or other short identifier where reasonable to support
 
* Optional machine-parsable format is available with list and show commands.  List has an option for CSV-formatted output (see --format, --quote options for a list command) while show has an option for shell-assignment formatted output (see --format option for a show command).
 
 
 
 
 
== Objects ==
 
 
 
'''''Note: these need a review to sync up with the revised object names without dashes ('-') in them.'''''
 
 
 
* <code>agent</code> - [[#Compute|Compute]] - [[#compute_agent|compute agent]]
 
* <code>agent</code> - [[#Network|Network]] - [[#Network_Agent|network agent]]
 
* <code>aggregate</code> - [[#Compute|Compute]] - [[#aggregate|aggregate]]
 
* <code>complete</code> - [[#Cross_API|Common]] - [[#Complete|complete]]
 
* <code>catalog</code> - [[#Identity|Identity]] - [[#catalog|catalog]]
 
* <code>cisco</code> - [[#Network|Network]] - [[#Cisco|cisco]]
 
* <code>cloudpipe</code> - [[#Compute|Compute]] - [[#cloudpipe|cloudpipe]]
 
* <code>console</code> - [[#Compute|Compute]] - [[#console|console]]
 
* <code>container</code> - [[#Object|Object]] - [[#container|container]]
 
* <code>consumer</code> - [[#Identity|Identity]] - an OAuth [[#consumer|consumer]]
 
* <code>credential</code> - [[#API_v3|Identity v3]] - [[#credential|credential]]
 
* <code>credentials</code> - [[#Compute|Compute]] - [[#credentials|credentials]]
 
* <code>dhcp agent</code> - [[#Network|Network]] - [[#DHCP_Agent|dhcp agent]]
 
* <code>diagnostics</code> - [[#Compute|Compute]] - [[#diagnostics|diagnostics]]
 
* <code>dns</code> - [[#Compute|Compute]] - [[#dns|dns]]
 
* <code>domain</code> - [[#API_v3|Identity v3]] - [[#domain|domain]]
 
* <code>ec2-credentials</code> - [[#Identity|Identity]] - [[#ec2-credentials|ec2-credentials]]
 
* <code>endpoint</code> - [[#Identity|Identity]] - [[#endpoint|endpoint]]
 
* <code>endpoints</code> - [[#Compute|Compute]] - [[#endpoints|endpoints]]
 
* <code>extension</code> - [[#Cross_API|Common]] - [[#extension|extension]]
 
* <code>federation protocol</code> - [[#Identity|Identity]] - [[#federation_protocol|federation_protocol]]
 
* <code>firewall</code> - [[#Network|Network]] - [[#Firewall|firewall]]
 
* <code>firewall policy</code> - [[#Network|Network]] - [[#Firewall_Policy|firewall]]
 
* <code>firewall rule</code> - [[#Network|Network]] - [[#Firewall_Rule|firewall rule]]
 
* <code>flavor</code> - [[#Compute|Compute]] - [[#flavor|flavor]]
 
* <code>gateway</code> - [[#Network|Network]] - [[#Gateway|gateway]]
 
* <code>group</code> - [[#API_v3|Identity v3]] - [[#group|group]]
 
* <code>host</code> - [[#Compute|Compute]] - [[#host|host]]
 
* <code>hypervisor</code> - [[#Compute|Compute]] - [[#hypervisor|hypervisor]]
 
* <code>identity provider</code> - [[#Identity|Identity]] - [[#identity_provider|identity_provider]]
 
* <code>ip fixed</code> - [[#Compute|Compute]] - [[#ip-fixed|ip fixed]]
 
* <code>ip floating</code> - [[#Compute|Compute]] - [[#ip-floating|ip floating]]
 
* <code>ip floating</code> - [[#Network|Network]] - [[#IP_Floating|ip floating]] - need to fingure out how to switch between Compute and Network
 
* <code>ip floating pool</code> - [[#Compute|Compute]] - [[#ip-floating-pool|ip floating pool]]
 
* <code>ipsec</code> - [[#Network|Network]] - [[#IPSEC|ipsec]]
 
* <code>keypair</code> - [[#Compute|Compute]] - [[#keypair|keypair]]
 
* <code>lb healthmonitor</code> - [[#Network|Network]] - [[#Load_Balancer|lb healthmonitor]]
 
* <code>lb member</code> - [[#Network|Network]] - [[#Load_Balancer|lb member]]
 
* <code>lb pool</code> - [[#Network|Network]] - [[#Load_Balancer|lb pool]]
 
* <code>lb vip</code> - [[#Network|Network]] - [[#Load_Balancer|lb vip]]
 
* <code>limits</code> - [[#Cross_API|Common]] - [[#limits|limits]]
 
* <code>mapping</code> - [[#Identity|Identity]] - [[#mapping|mapping]]
 
* <code>network</code> - [[#Network|Network]] - [[#Network|network]]
 
* <code>network agent</code> - [[#Network|Network]] - [[#Network_Agent|network agent]]
 
* <code>object</code> - [[#Object|Object]] - [[#object|object]]
 
* <code>policy</code> - [[#API_v3|Identity v3]] - [[#policy|policy]]
 
* <code>port</code> - [[#Network|Network]] - [[#Port|Port]]
 
* <code>project</code> - [[#API_v3|Identity v3]] - [[#project|project]]
 
* <code>queue</code> - [[#Network|Network]] - [[#Queue|queue]]
 
* <code>quota</code> - [[#Compute|Compute]] - [[#quota|quota]]
 
* <code>quota</code> - [[#Network|Network]] - [[#quota|quota]]
 
* <code>quota</code> - [[#Volume|Volume]] - [[#quota|quota]]
 
* <code>request-token</code> - [[#Identity|Identity]] - OAuth [[#request-token|request-token]]
 
* <code>role</code> - [[#Identity|Identity]] - [[#role|role]]
 
* <code>router</code> - [[#Network|Network]] - [[#Router|router]]
 
* <code>router interface</code> - [[#Network|Network]] - [[#Router_Interface|router interface]]
 
* <code>secgroup</code> - [[#Compute|Compute]] - [[#secgroup|secgroup]]
 
* <code>secgroup-group-rule</code> - [[#Compute|Compute]] - [[#secgroup-group-rule|secgroup-group-rule]]
 
* <code>secgroup-rule</code> - [[#Compute|Compute]] - [[#secgroup-rule|secgroup-rule]]
 
* <code>security group</code> - [[#Network|Network]] - [[#Security_Group|security group]]
 
* <code>security group rule</code> - [[#Network|Network]] - [[#Security_Group_Rule|security group rule]]
 
* <code>server</code> - [[#Compute|Compute]] - [[#server|server]]
 
* <code>service</code> - [[#Identity|Identity]] - [[#service|service]]
 
* <code>subnet</code> - [[#Network|Network]] - [[#Subnet|subnet]]
 
* <code>snapshot</code> - [[#Volume|Volume]] - [[#snapshot|snapshot]]
 
* <code>tenant</code> - [[#API_v2.0|Identity v2.0]] - [[#tenant|tenant]]
 
* <code>token</code> - [[#Identity|Identity]] - [[#token|token]]
 
* <code>user</code> - [[#Identity|Identity]] - [[#user|user]]
 
* <code>user role</code> - [[#Identity|Identity]] - [[#user-role|user role]]
 
* <code>volume</code> - [[#Volume|Volume]] - [[#volume|volume]]
 
* <code>volume type</code> - [[#Volume|Volume]] - [[#volume-type|volume type]]
 
* <code>vpn ikepolicy</code> - [[#Network|Network]] - [[#VPN|vpn ikepolicy]]
 
* <code>vpn ipsecpolicy</code> - [[#Network|Network]] - [[#VPN|vpn ipsecpolicy]]
 
* <code>vpn service</code> - [[#Network|Network]] - [[#VPN|vpn service]]
 
 
 
== Actions ==
 
 
 
The actions used by OpenStackClient are defined below to provide a consistent meaning to each action.  Many of them have logical opposite actions.  Those actions with an opposite action are noted in parens if applicable.
 
 
 
* <code>authorize</code> - authorize a token (used in OAuth)
 
* <code>add</code> (<code>remove</code>) - add some object to a container object; the command is built in the order of "container add object" (<container> <object>), the positional arguments appear in the same order
 
* <code>attach</code> (<code>detach</code>) - deprecated; use <code>add</code>/<code>remove</code>
 
* <code>create</code> (<code>delete</code>) - create a new occurrence of the specified object
 
* <code>delete</code> (<code>create</code>) - delete a specific occurrence of the specified object
 
* <code>detach</code> (<code>attach</code>) - deprecated; use <code>add</code>/<code>remove</code>
 
* <code>issue</code> (<code>revoke</code>) - issue a token
 
* <code>list</code> - display summary information about multiple objects
 
* <code>lock</code> (<code>unlock</code>)
 
* <code>migrate</code> - move a server to a different host; <code><nowiki>--live</nowiki></code> performs a live migration if possible
 
* <code>pause</code> (<code>unpause</code>) - stop a server and leave it in memory
 
* <code>reboot</code> - forcibly reboot a server
 
* <code>rebuild</code> - rebuild a server using (most of) the same arguments as in the original <code><nowiki>create</nowiki></code>
 
* <code>remove</code> (<code>add</code>) - remove an object from a group of objects
 
* <code>rescue</code> (<code>unrescue</code>) - reboot a server in a special rescue mode allowing access to the original disks
 
* <code>resize</code> - change a server's flavor
 
* <code>resume</code> (<code>suspend</code>) - return a suspended server to running state
 
* <code>revoke</code> (<code>issue</code>) - revoke a token
 
* <code>save</code> - download an object locally
 
* <code>set</code> (<code>unset</code>) - set a property on the object, formerly called <code>metadata</code>
 
* <code>show</code> - display detailed information about the specific object
 
* <code>ssh</code>
 
* <code>suspend</code> (<code>resume</code>) - stop a server and save to disk freeing memory
 
* <code>unlock</code> (<code>lock</code>)
 
* <code>unpause</code> (<code>pause</code>) - return a paused server to running state
 
* <code>unrescue</code> (<code>rescue</code>) - return a server to normal boot mode
 
* <code>unset</code> (<code>set</code>) - remove an attribute of the object
 
 
 
== Global Options ==
 
 
 
The common global options from the default [[OpenStack]] clients have been mapped to the set of global options below.
 
 
 
{| class="wikitable"
 
|-
 
! OSC Option !! Environment Variable !!  !! Option !! Environment Variable
 
|-
 
| --version ||  || || --version ||
 
|-
 
| --help ||  || || --help ||
 
|-
 
| --debug ||  || || --debug ||
 
|-
 
| --quiet ||  || ||  ||
 
|-
 
| --verbose ||  || ||  ||
 
|-
 
| --log-file <filename> ||  || ||  ||
 
|-
 
| --os-auth-url <url> || OS_AUTH_URL ||  || --os-auth-url <url> || OS_AUTH_URL
 
|-
 
| --os-tenant-name <name> || OS_TENANT_NAME ||  || --os-tenant-name <name> || OS_TENANT_NAME
 
|-
 
| --os-tenant-id <id> || OS_TENANT_ID ||  || --os-tenant-id <id> || OS_TENANT_ID
 
|-
 
| --os-username <name> || OS_USERNAME ||  || --os-username <name> || OS_USERNAME
 
|-
 
| --os-password <pw> || OS_PASSWORD ||  || --os-password <pw> || OS_PASSWORD
 
|-
 
| --os-region-name <region> || OS_REGION_NAME ||  || --os-region-name <region> || OS_REGION_NAME
 
|-
 
| --os-cacert <file> || OS_CACERT ||  || --os-cacert <file> || OS_CACERT
 
|-
 
|  ||  || || --insecure ||
 
|-
 
| --os-use-keyring ||  || ||  ||
 
|}
 
 
 
 
 
== Common Options ==
 
 
 
A number of options will appear in many commands and should have the same form in all commands to the extent possible.
 
 
 
{| class="wikitable"
 
|-
 
! Option !! Description !! Usual Default
 
|-
 
| --description || describes an object || none
 
|-
 
| --enable || Used for setting the enabled state for an object || n/a
 
|-
 
| --disable || Used for setting the enabled state for an object || n/a
 
|}
 
 
 
= Command Mapping Summary =
 
 
 
This is an example mapping of the existing commands from Keystone (Identity), Nova (Compute), Glance (Image) and Cinder (Volume) to the <code><nowiki><verb> <object></nowiki></code> form for the [[OpenStackClient]] cli tool.  It reduces both the number of verbs and objects by handling some of the smaller differences with command line options.
 
 
 
Further consolidation could be achieved by additional options or by introduction secondary objects to the syntax.  For example, the credentials and x509-cert (and x509-root-cert) objects could be combined:
 
 
 
 
 
{| class="wikitable"
 
|-
 
| nova x509-create-cert [<pk-file>] [<x509-cert>] || os create credentials --x509 [<pk-file>] [<x509-cert>]
 
|-
 
| nova credentials || os show credentials
 
|-
 
| nova x509-get-root-cert || os show credentials --x509 --root
 
|}
 
 
 
 
 
== Cross API ==
 
 
 
Object names that appear in multiple APIs, like quota, are handled by putting their command handler classes in openstackclient.common.  If the number of these becomes large they should be moved into a subdirectory.
 
 
 
==== complete ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
complete
 
|| yes
 
|| ||
 
|}
 
 
 
==== credentials ====
 
 
 
''[consider rolling the ec2 creds into this too]''
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os credentials create
 
    --x509
 
    [<private-key-file>]
 
    [<certificate-file>]
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova x509-create-cert
 
    [<pk-file>]
 
    [<x509-cert>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os credentials show
 
    [--token]
 
    [--user]
 
    [--x509 [--root]]
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova credentials
 
    [--wrap <integer>]
 
 
 
nova x509-get-root-cert
 
    [<filename>]
 
</source>
 
|}
 
 
 
==== Extension ====
 
 
 
Note: Perhaps this would be a nice general feature.
 
 
 
NOTE(dtroyer): yes it would.  We don't have this for any of the other APIs yet so we can play with the structure a bit here
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os extension list
 
    [--long]
 
    [--service <service>]
 
</source>
 
Note: Do we want to provide service as an option for this command?
 
 
 
NOTE(dtroyer): maybe.  what service exactly?  in the Identity API, service means things like 'compute v2', 'identity v3', etc.
 
we need at least the API, I'm not certain if we should expect a user to know that though...
 
|| no || ||
 
<source lang="bash">
 
neutron ext-list
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os extension show
 
    <extension>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron ext-show <extension> [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
|}
 
 
 
==== limits ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os limits show
 
    --absolute [--reserved] | --rate
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova absolute-limits
 
    [--reserved]
 
 
 
nova rate-limits
 
 
 
cinder absolute-limits
 
 
 
cinder rate-limits
 
</source>
 
|}
 
 
 
==== quota ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os quota set
 
    # Compute settings
 
    [--cores <num-cores>]
 
    [--fixed-ips <num-fixed-ips>]
 
    [--floating-ips <num-floating-ips>]
 
    [--injected-file-size <injected-file-bytes>]
 
    [--injected-files <num-injected-files>]
 
    [--instances <num-instances>]
 
    [--key-pairs <num-key-pairs>]
 
    [--properties <num-properties>]
 
    [--ram <ram-mb>]
 
 
 
    # Volume settings
 
    [--gigabytes <new-gigabytes>]
 
    [--snapshots <new-snapshots>]
 
    [--volumes <new-volumes>]
 
 
 
    <project>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova quota-update
 
    [--instances <instances>]
 
    [--cores <cores>]
 
    [--ram <ram>]
 
    [--volumes <volumes>]
 
    [--gigabytes <gigabytes>]
 
    [--floating-ips <floating_ips>]
 
    [--metadata-items <metadata_items>]
 
    [--injected-files <injected_files>]
 
    [--injected-file-content-bytes <injected_file_content_bytes>]
 
    <tenant_id>
 
 
 
cinder quota-update
 
    [--volumes <volumes>]
 
    [--snapshots <snapshots>]
 
    [--gigabytes <gigabytes>]
 
    <tenant_id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os quota set
 
    --class
 
    # Compute settings
 
    [--cores <num-cores>]
 
    [--fixed-ips <num-fixed-ips>]
 
    [--floating-ips <num-floating-ips>]
 
    [--injected-file-size <injected-file-bytes>]
 
    [--injected-files <num-injected-files>]
 
    [--instances <num-instances>]
 
    [--key-pairs <num-key-pairs>]
 
    [--properties <num-properties>]
 
    [--ram <ram-mb>]
 
 
 
    # Volume settings
 
    [--gigabytes <new-gigabytes>]
 
    [--snapshots <new-snapshots>]
 
    [--volumes <new-volumes>]
 
 
 
    <class>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova quota-class-update
 
    [--instances <instances>]
 
    [--cores <cores>]
 
    [--ram <ram>]
 
    [--volumes <volumes>]
 
    [--gigabytes <gigabytes>]
 
    [--floating-ips <floating_ips>]
 
    [--metadata-items <metadata_items>]
 
    [--injected-files <injected_files>]
 
    [--injected-file-content-bytes <injected_file_content_bytes>]
 
    <class>
 
 
 
cinder quota-class-update
 
    [--volumes <volumes>]
 
    [--snapshots <snapshots>]
 
    [--gigabytes <gigabytes>]
 
    <tenant_id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os quota show
 
    [--default]
 
    <project>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova quota-show
 
    [--tenant <tenant-id>]
 
 
 
cinder quota-show
 
    <tenant_id>
 
 
 
nova quota-defaults
 
    <tenant_id>
 
 
 
cinder quota-defaults
 
    <tenant_id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os quota show
 
    --class
 
    <class>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova quota-class-show
 
    <class>
 
 
 
cinder quota-class-show
 
    <class>
 
</source>
 
|}
 
 
 
 
 
== Compute ==
 
 
 
{| class="wikitable"
 
|-
 
! OSC Option !! Environment Variable !! !! Nova Option !! Environment Variable
 
|-
 
| || || || --os-auth-system <auth-system> || OS_AUTH_SYSTEM
 
|-
 
| || || || --service-type <type> ||
 
|-
 
| || || || --service-name <name> || NOVA_SERVICE_NAME
 
|-
 
| || || || --volume-service-name <name> || NOVA_VOLUME_SERVICE_NAME
 
|-
 
| || || || --endpoint-type <type> || NOVA_ENDPOINT_TYPE
 
|-
 
| --os-compute-api-version <ver> || OS_COMPUTE_API_VERSION || || --os-compute-api-version <ver> || OS_COMPUTE_API_VERSION
 
|-
 
| || || || --bypass-url <bypass-url> ||
 
|}
 
 
 
 
 
=== API v2 (1.1) ===
 
 
 
 
 
==== aggregate ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os aggregate add host
 
    <aggregate>
 
    <host>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova aggregate-add-host
 
    <id>
 
    <host>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os aggregate create
 
    [--zone <availability-zone>]
 
    [--property <key=value>]
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova aggregate-create
 
    <name>
 
    [<availability_zone>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os aggregate delete
 
    <aggregate>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova aggregate-delete
 
    <id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os aggregate list
 
    [--long]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova aggregate-list
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os aggregate remove host
 
    <aggregate>
 
    <host>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova aggregate-remove-host
 
    <id>
 
    <host>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os aggregate set
 
    [--name <new-name>]
 
    [--zone <availability-zone>]
 
    [--property <key=value>]
 
    <aggregate>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova aggregate-update
 
    <id>
 
    <name>
 
    [<availability_zone>]
 
 
 
nova aggregate-set-metadata
 
    <id>
 
    <key=value>
 
    [<key=value> ...]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os aggregate show
 
    <aggregate>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova aggregate-details
 
    <id>
 
</source>
 
|}
 
 
 
==== cloudpipe ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os create cloudpipe
 
    <project>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova cloudpipe-create
 
    <project>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os list cloudpipe
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova cloudpipe-list
 
</source>
 
|}
 
 
 
==== compute agent ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os compute agent create
 
    <os>
 
    <architecture>
 
    <version>
 
    <url>
 
    <md5hash>
 
    <hypervisor>
 
</source>
 
|| yes
 
|| ||
 
|-
 
|
 
<source lang="bash">
 
os compute agent delete
 
    <id>
 
</source>
 
|| yes
 
|| ||
 
|-
 
|
 
<source lang="bash">
 
os compute agent list
 
    [--hypervisor <hypervisor>]
 
</source>
 
|| yes
 
|| ||
 
|-
 
|
 
<source lang="bash">
 
os compute agent set
 
    <id>
 
    <version>
 
    <url>
 
    <md5hash>
 
</source>
 
|| yes
 
|| ||
 
|}
 
 
 
==== console ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os console log show
 
    [--lines <num-lines>]
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova console-log
 
    [--length <length>]
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os console url show
 
    [--novnc | --xvpvnc | --spice]
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova get-vnc-console
 
    <server>
 
    <console_type>
 
</source>
 
|}
 
 
 
==== credentials ====
 
 
 
See [[#credentials|credentials]] in the [[#Cross_API|cross API section]].
 
 
 
==== diagnostics ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os server show
 
    --diagnostics
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova diagnostics
 
    <server>
 
</source>
 
|}
 
 
 
==== dns ====
 
 
 
''These commands need some attention...an IP shouldn't be required for all record types.  They need to be more DNS-y.  Zone anyone?''
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os create dns
 
    [--type <type>]
 
    <ip>
 
    <name>
 
    <domain>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova dns-create
 
    [--type <type>]
 
    <ip>
 
    <name>
 
    <domain>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os delete dns
 
    <domain>
 
    <name>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova dns-delete
 
    <domain>
 
    <name>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os list dns
 
    [--ip <ip>]
 
    [--name <name>]
 
    <domain>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova dns-list
 
    [--ip <ip>]
 
    [--name <name>]
 
    <domain>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os create dns-domain
 
    [--project <project>]
 
    [--availability-zone <availability-zone>]
 
    [--public | --private]
 
    <domain>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova dns-create-private-domain
 
    [--availability_zone <availability_zone>]
 
    <domain>
 
 
 
nova dns-create-public-domain
 
    [--project <project>]
 
    <domain>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os delete dns-domain
 
    <domain>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova dns-delete-domain
 
    <domain>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os list dns-domains
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova dns-domains
 
</source>
 
|}
 
 
 
==== endpoints ====
 
 
 
''Totally duplicates Identity catalog command''
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os endpoint list
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova endpoints
 
</source>
 
|}
 
 
 
 
 
==== flavor ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os flavor create
 
    [--id <id>]
 
    [--ram <size-mb>]
 
    [--disk <size-gb>]
 
    [--ephemeral-disk <size-gb>]
 
    [--swap <size-mb>]
 
    [--vcpus <num-cpu>]
 
    [--rxtx-factor <factor>]
 
    [--public | --private]
 
    <name>
 
</source>
 
||
 
<source lang="bash">
 
(partial)
 
default: auto
 
default: 256M
 
default: 0G
 
default: 0G
 
default: 0G
 
default: 1
 
default: 1
 
default: public
 
 
 
</source>
 
|| ||
 
<source lang="bash">
 
nova flavor-create
 
    [--ephemeral <ephemeral>]
 
    [--swap <swap>]
 
    [--rxtx-factor <factor>]
 
    <name>
 
    <id>
 
    <ram>
 
    <disk>
 
    <vcpus>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os flavor delete
 
    <flavor>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova flavor-delete
 
    <id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os flavor list
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova flavor-list
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os flavor show
 
    <flavor>
 
</source>
 
|| yes
 
|| ||
 
|}
 
 
 
 
 
==== host ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os host list
 
    [--zone <availability-zone>]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova host-action
 
    [--action <action>]
 
    <hostname>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os host set
 
    ...
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova host-update
 
    [--status <status>]
 
    [--maintenance <maintenance_mode>]
 
    <hostname>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os host show
 
    <host>
 
</source>
 
|| yes
 
|| ||
 
|}
 
 
 
 
 
==== hypervisor ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os hypervisor list
 
    [--matching <hostname>]
 
</source>
 
|| yes
 
|| ||
 
|-
 
|
 
<source lang="bash">
 
os hypervisor show
 
    <id>
 
</source>
 
|| yes
 
|| ||
 
|}
 
 
 
 
 
 
 
 
 
 
 
==== ip fixed ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os ip fixed add
 
    <network>
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova add-fixed-ip
 
    <server>
 
    <network_id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os ip fixed remove
 
    <ip-address>
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova remove-fixed-ip
 
    <server>
 
    <address>
 
</source>
 
|}
 
 
 
 
 
==== ip floating ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os ip floating add
 
    <ip-address>
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova add-floating-ip
 
    <server>
 
    <address>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os ip floating create
 
    [<pool>]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova floating-ip-create
 
    [<floating_ip_pool>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os ip floating delete
 
    <ip-address>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova floating-ip-delete
 
    <address>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os ip floating list
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova floating-ip-list
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os ip floating remove
 
    <ip-address>
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova remove-floating-ip
 
    <server>
 
    <address>
 
</source>
 
|}
 
 
 
 
 
==== ip floating pool ====
 
 
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os ip floating pool list
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova floating-ip-pool-list
 
</source>
 
|}
 
 
 
 
 
==== keypair ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os keypair create
 
    [--public-key <file>]
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova keypair-add
 
    [--pub_key <pub_key>]
 
    <name>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os keypair delete
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova keypair-delete
 
    <name>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os keypair list
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova keypair-list
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os keypair show
 
    [--public-key]
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
|}
 
 
 
 
 
==== limits ====
 
 
 
See [[#limits|limits]] in the [[#Cross_API|cross API section]].
 
 
 
 
 
 
 
 
 
 
 
 
 
==== quota ====
 
 
 
See [[#quota|quota]] in the [[#Cross_API|cross API section]].
 
 
 
 
 
==== secgroup ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os secgroup add
 
 
 
(see server add secgroup)
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova add-secgroup
 
    <server>
 
    <secgroup>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os secgroup create
 
    [--description <description>]
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova secgroup-create
 
    <name>
 
    <description>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os secgroup delete
 
    <group>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova secgroup-delete
 
    <secgroup>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os secgroup list
 
    [--all-projects]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova secgroup-list
 
    [--all-tenants [<0|1>]]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os secgroup remove
 
 
 
(see server remove secgroup)
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova remove-secgroup
 
    <server>
 
    <secgroup>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os secgroup set
 
    [--name <new-name>]
 
    [--description [<new-description>]
 
    <group>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova secgroup-update
 
    <secgroup>
 
    <name>
 
    <description>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os secgroup show
 
    <group>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
n/a
 
</source>
 
|}
 
 
 
==== secgroup-group-rule ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os secgroup group rule create
 
    [--proto <protocol>]
 
    [--port <port>:<port>]
 
    <source-group>
 
    <secgroup>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova secgroup-add-group-rule
 
    [--ip_proto <ip_proto>]
 
    [--from_port <from_port>]
 
    [--to_port <to_port>]
 
    <secgroup>
 
    <source_group>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os secgroup group rule delete
 
    [--proto <protocol>]
 
    [--port <port>:<port>]
 
    <source-group>
 
    <secgroup>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova secgroup-delete-group-rule
 
    [--ip_proto <ip_proto>]
 
    [--from_port <from_port>]
 
    [--to_port <to_port>]
 
    <secgroup>
 
    <source_group>
 
</source>
 
|}
 
 
 
==== secgroup-rule ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os secgroup rule create
 
    [--proto <proto>]
 
    [--src-ip <ip-address>]
 
    [--dst-port <port-range>]
 
    <group>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova secgroup-add-rule
 
    <secgroup>
 
    <ip_proto>
 
    <from_port>
 
    <to_port>
 
    <cidr>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os secgroup rule delete
 
    [--proto <proto>]
 
    [--src-ip <ip-address>]
 
    [--dst-port <port-range>]
 
    <group>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova secgroup-delete-rule
 
    <secgroup>
 
    <ip_proto>
 
    <from_port>
 
    <to_port>
 
    <cidr>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os secgroup rule list
 
    <group>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova secgroup-list-rules
 
    <secgroup>
 
</source>
 
|}
 
 
 
====server====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os server add secgroup
 
    <server>
 
    <group>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova add-secgroup
 
    <server>
 
    <secgroup>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server add volume
 
    [--device <device>]
 
    <server>
 
    <volume>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova volume-attach
 
    <server>
 
    <volume>
 
    <device>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server create
 
    --image <image>
 
    --flavor <flavor>
 
    [--security-group <security-group-list> [...] ]
 
    [--key-name <key-name>]
 
    [--meta-data <key=value> [...] ]
 
    [--file <dest-filename=source-filename>] [...] ]
 
    [--user-data <user-data>]
 
    [--availability-zone <zone-name>]
 
    [--block-device-mapping <dev-name=mapping> [...] ]
 
    [--nic <net-id=net-uuid,v4-fixed-ip=ip-addr> [...] ]
 
    [--hint <key=value> [...] ]
 
    [--config-drive <value>|True ]
 
    [--min <count>]
 
    [--max <count>]
 
    [--wait]
 
    <server-name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova boot
 
    [--flavor <flavor>]
 
    [--image <image>]
 
    [--meta <key=value>]
 
    [--file <dst-path=src-path>]
 
    [--key_name <key_name>]
 
    [--user_data <user-data>]
 
    [--availability_zone <availability-zone>]
 
    [--security_groups <security_groups>]
 
    [--block_device_mapping <dev_name=mapping>]
 
    [--hint <key=value>]
 
    [--nic <net-id=net-uuid,v4-fixed-ip=ip-addr>]
 
    [--config-drive <value>]
 
    [--poll]
 
    <name>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server delete
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova delete
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server image create
 
    [--name <image-name>]
 
    [--wait]
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova image-create
 
    [--poll]
 
    <server>
 
    <name>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server list
 
    [--reservation-id <reservation-id>]
 
    [--ip <ip-regex>]
 
    [--ip6 <ip6-regex>]
 
    [--name <name-regex>]
 
    [--instance-name <instance-name-regex>]
 
    [--status <status>]
 
    [--flavor <flavor>]
 
    [--image <image>]
 
    [--host <hostname>]
 
    [--all-tenants]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova list
 
    [--reservation_id <reservation_id>]
 
    [--ip <ip_regexp>]
 
    [--ip6 <ip6_regexp>]
 
    [--name <name_regexp>]
 
    [--instance_name <name_regexp>]
 
    [--status <status>]
 
    [--flavor <flavor>] [--image <image>]
 
    [--host <hostname>]
 
    [--all_tenants [<0|1>]]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server lock
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova lock
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server migrate
 
    [--wait]
 
    <server>
 
 
 
os server migrate
 
    --live <host>
 
    [--shared-migration | --block-migration]
 
    [--disk-overcommit | --no-disk-overcommit]
 
    [--wait]
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova migrate
 
    [--poll]
 
    <server>
 
 
 
nova live-migration
 
    [--block_migrate]
 
    [--disk_over_commit]
 
    <server>
 
<host>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server pause
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova pause
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server reboot
 
    [--hard | --soft]
 
    [--wait]
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova reboot
 
    [--hard]
 
    [--poll]
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server rebuild
 
    --image <image>
 
    [--password <password>]
 
    [--wait]
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova rebuild
 
    [--rebuild_password <rebuild_password>]
 
    [--poll]
 
    <server>
 
    <image>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server remove secgroup
 
    <server>
 
    <group>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova remove-secgroup
 
    <server>
 
    <secgroup>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server remove volume
 
    <server>
 
    <volume>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova volume-detach
 
    <server>
 
    <volume>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server rescue
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova rescue
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server resize
 
    --flavor <flavor>
 
    [--wait]
 
    <server>
 
 
 
os server resize
 
    --confirm
 
    <server>
 
 
 
os server resize
 
    --revert
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova resize
 
    [--poll]
 
    <server>
 
    <flavor>
 
 
 
nova resize-confirm
 
    <server>
 
 
 
nova resize-revert
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server resume
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova resume
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server set
 
    --name <new-name>
 
    --property <key=value>
 
    [--property <key=value>] ...
 
    --root-password
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova meta
 
    <server>
 
    <action>
 
    <key=value>
 
    [<key=value> ...]
 
 
 
nova rename
 
    <server>
 
    <name>
 
 
 
nova root-password
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server show
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova show
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server ssh
 
    [--login <login-name>]
 
    [--port <port>]
 
    [--identity <keyfile>]
 
    [--option <config-options>]
 
    [-4 | -6]
 
    [--private | --public | --address-type <address-type>]
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova ssh
 
    [--port PORT]
 
    [--private]
 
    [--ipv6]
 
    [--login <login>]
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server suspend
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova suspend
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server unlock
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova unlock
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server unpause
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova unpause
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os server unrescue
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova unrescue
 
    <server>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os unset server
 
    --property <key>
 
    [--property <key>] ...
 
    <server>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
nova meta
 
    <server>
 
    <action>
 
    <key=value>
 
    [<key=value> ...]
 
</source>
 
|}
 
 
 
==== usage ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Nova command
 
|-
 
|
 
<source lang="bash">
 
os usage list
 
    [--start <start>]
 
    [--end <end>]
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
nova usage-list
 
    [--start <start>]
 
    [--end <end>]
 
</source>
 
|}
 
 
 
 
 
==== x509-cert ====
 
 
 
See [[#credentials|credentials]] in the [[#Cross_API|cross API section]].
 
 
 
==== x509-root-cert ====
 
 
 
See [[#credentials|credentials]] in the [[#Cross_API|cross API section]].
 
 
 
== Identity ==
 
 
 
{| class="wikitable"
 
|-
 
! OSC Option !!  Environment Variable !!  !!  Keystone Option !!  Environment Variable
 
|-
 
| --os-identity-api-version <ver> || OS_IDENTITY_API_VERSION ||  || --os-identity-api-version <ver> || OS_IDENTITY_API_VERSION
 
|-
 
| --os-token <token> || OS_TOKEN || || --os-token <token> || OS_SERVICE_TOKEN
 
|-
 
| --os-url <url> || OS_URL || || --os-endpoint <url> || OS_SERVICE_ENDPOINT
 
|-
 
|  ||  || || --os-cert <file> || OS_CERT
 
|-
 
|  ||  || || --os-key <key-file> || OS_KEY
 
|-
 
|  ||  || || --os-cache || OS_CACHE
 
|-
 
|  ||  || || --force-new-token ||
 
|-
 
|  ||  || || --stale-duration <seconds> ||
 
|-
 
|}
 
 
 
=== API v2.0 ===
 
 
 
==== catalog ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os catalog list
 
</source>
 
|| yes
 
|| ||
 
|-
 
|
 
<source lang="bash">
 
os catalog show
 
    <service>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone catalog
 
    [--service <service-type>]
 
</source>
 
|}
 
 
 
==== ec2 credentials ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os ec2 credentials create
 
    [--project <project>]
 
    [--user <user>]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone ec2-credentials-create
 
    [--user <user-id>]
 
    [--tenant_id <tenant-id>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os ec2 credentials delete
 
    [--user <user>]
 
    <access-key>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone ec2-credentials-delete
 
    [--user <user-id>]
 
    --access <access-key>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os ec2 credentials list
 
    [--user <user>]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone ec2-credentials-list
 
    [--user <user-id>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os ec2 credentials show
 
    [--user <user>]
 
    <access-key>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone ec2-credentials-get
 
    [--user <user-id>]
 
    --access <access-key>
 
</source>
 
|}
 
 
 
==== endpoint ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os endpoint create
 
    --publicurl <public-url>
 
    [--adminurl <admin-url>]
 
    [--internalurl <internal-url>]
 
    [--region <endpoint-region>]
 
    <service>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone endpoint-create
 
    [--region <endpoint-region>]
 
    [--service_id <service-id>]
 
    [--publicurl <public-url>]
 
    [--adminurl <admin-url>]
 
    [--internalurl <internal-url>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os endpoint delete
 
    <endpoint-id>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone endpoint-delete
 
    <endpoint-id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os endpoint list
 
    [--long]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone endpoint-list
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os endpoint show
 
    <endpoint_or_service-type>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone endpoint-get
 
    --service <service-type>
 
    [--endpoint_type <endpoint-type>]
 
    [--attr <service-attribute>]
 
    [--value <value>]
 
</source>
 
|}
 
 
 
==== project ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os project create
 
    [--description <description>]
 
    [--enable | --disable]
 
    [--property <key=value>]
 
    <project-name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone tenant-create
 
    --name <tenant-name>
 
    [--description <tenant-description>]
 
    [--enabled <true|false>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os project delete
 
    <project>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone tenant-delete
 
    <tenant>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os project list
 
    [--domain <domain>]
 
    [--long]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone tenant-list
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os project set
 
    [--name <new-project-name>]
 
    [--description <new-project-description>]
 
    [--enable | --disable]
 
    [--property <key=value>]
 
    <project>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone tenant-update
 
    [--name <tenant_name>]
 
    [--description <tenant-description>]
 
    [--enabled <true|false>]
 
    <tenant-id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os project show
 
    <project>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone tenant-get
 
    <tenant-id>
 
</source>
 
|}
 
 
 
==== role ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os role add
 
    --project <project>
 
    --user <user>
 
    <role>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone user-role-add
 
    --user <user>
 
    --role <role>
 
    [--tenant <tenant>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role create
 
    <role-name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone role-create --name
 
    <role-name>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role delete
 
    <role>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone role-delete
 
    <role-id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role list
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone role-list
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role remove
 
    --project <project>
 
    --user <user>
 
    <role>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone user-role-add
 
    --user <user>
 
    --role <role>
 
    [--tenant <tenant>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role show
 
    <role>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone role-get
 
    <role-id>
 
</source>
 
|}
 
 
 
==== service ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os service create
 
    [--type <service-type>]
 
    [--description <service-description>]
 
    <service-name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone service-create
 
    --name <name>
 
    --type <type>
 
    [--description <service-description>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os service delete
 
    <service>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone service-delete
 
    <service-id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os service list
 
    [--long]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone service-list
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os service show
 
    [--catalog]
 
    <service>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone service-get
 
    <service-id>
 
</source>
 
|}
 
 
 
==== token ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os token issue
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone token-get [--wrap <integer>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os token revoke
 
    <token>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
==== user ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os user create
 
    [--password <user-password>]
 
    [--email <user-email>]
 
    [--tenant <tenant>]
 
    [--enable | --disable]
 
    <user-name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone user-create
 
    --name <user-name>
 
    [--tenant_id <tenant-id>]
 
    [--pass <pass>]
 
    [--email <email>]
 
    [--enabled <true|false>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os user delete
 
    <user>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone user-delete
 
    <user-id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os user list
 
    [--tenant <tenant>]
 
    [--long]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone user-list
 
    [<tenant-id>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os user set
 
    [--name <new-user-name>]
 
    [--password <user-password>]
 
    [--email <user-email>]
 
    [--tenant <tenant>]
 
    [--enable|--disable]
 
    <user>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone user-password-update
 
    --pass <password>
 
    <user-id>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os user show
 
    <user>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone user-get
 
    <user-id>
 
</source>
 
|}
 
 
 
==== user role ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os user role list
 
    [--project <project>]
 
    [<user>]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
keystone user-role-list
 
    [--user <user-id>]
 
    [--tenant_id <tenant-id>]
 
</source>
 
|}
 
 
 
==== <other> ====
 
 
 
These keystone commands are not planned for re-implementation in OpenStackClient
 
 
 
<source lang="bash">
 
keystone bootstrap
 
        --pass <password>
 
        [--user-name <user-name>]
 
        [--role-name <role-name>]
 
        [--tenant-name <tenant-name>]
 
</source>
 
 
 
<source lang="bash">
 
keystone discover
 
</source>
 
 
 
=== API v3 ===
 
 
 
==== consumer ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os consumer create
 
    [--description <consumer-description>]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os consumer delete
 
    <consumer>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os consumer list
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os consumer set
 
    [--description <consumer-description>]
 
    <consumer>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os consumer show
 
    <consumer>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
==== credential ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os credential create
 
    [--project <project>]
 
    [--type ec2|cert]
 
    <user>
 
    <data>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os credential delete
 
    <credential-id>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os credential list
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os credential set
 
    [--user <user>]
 
    [--type ec2|cert]
 
    [--data <data>]
 
    [--project <project>]
 
    <credential-id>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os credential show
 
    <credential-id>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
==== domain ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os domain create
 
    [--description <domain-description>]
 
    [--enable | --disable]
 
    <domain-name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os domain delete
 
    <domain>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os domain list
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os domain set
 
    [--name <new-domain-name>]
 
    [--description <new-domain-description>]
 
    [--enable | --disable]
 
    <domain>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os domain show
 
    <domain>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
==== endpoint ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os endpoint create
 
    [--region <endpoint-region>
 
    [--enable | --disable]
 
    <service>
 
    <interface admin|public|internal>
 
    <url>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os endpoint delete
 
    <endpoint-id>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os endpoint list
 
    [--service <service>]
 
    [--interface admin|public|internal]
 
    [--region <endpoint-region>]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os endpoint set
 
    [--interface <endpoint-interface>]
 
    [--url <endpoint-url>]
 
    [--service <service-id>]
 
    [--region <endpoint-region>]
 
    [--enable | --disable]
 
    <endpoint>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os endpoint show
 
    <endpoint>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
==== federation protocol ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os federation protocol create
 
    --identity-provider <identity-provider>
 
    --mapping <mapping>
 
    name
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os federation protocol delete
 
    --identity-provider <identity-provider>
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os federation protocol list
 
    --idenity-provider <identity-provider>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os  federation protocol set
 
    --identity-provider <identity-provider>
 
    --mapping <mapping>
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os federation protocol show
 
    --identity-provider <identity-provider>
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|}
 
 
 
==== group ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os group add user
 
    <group>
 
    <user>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os group contains user
 
    <group>
 
    <user>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os group create
 
    [--domain <domain>]
 
    [--description <group-description>]
 
    <group-name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os group delete
 
    <group>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os group list
 
    [--domain <domain>]
 
    [--user <user>]
 
    [--long]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os group remove user
 
    <group>
 
    <user>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os group set
 
    [--name <new-group-name>]
 
    [--domain <domain>]
 
    [--description <new-group-description>]
 
    <group>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os group show
 
    <group>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
==== identity provider ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os identity provider create
 
    [--description <description>]
 
    [--enable | --disable]
 
    <identity_provider>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os identity provider delete
 
    <identity_provider>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os identity provider list
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os identity provider set
 
    [--enable | --disable]
 
    <identity_provider>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os identity provider show
 
    <identity_provider>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|}
 
 
 
==== mapping ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os mapping create
 
    [--rules <rules file>]
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os mapping delete
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os mapping list
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os mapping set
 
    [--rules <rules file>]
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|-
 
|
 
<source lang="bash">
 
os mapping show
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
n/a
 
|}
 
 
 
==== oauth ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os oauth request token create
 
    --consumer-key <consumer-key>
 
    --consumer-secret <consumer-secret>
 
    --roles <requested-roles>
 
</source>
 
|| yes
 
|| ||
 
n /a
 
|-
 
|
 
<source lang="bash">
 
os oauth request token authorize
 
    --request-key <request-key>
 
    --roles <requested-roles>
 
</source>
 
|| yes
 
|| ||
 
n /a
 
|-
 
|
 
<source lang="bash">
 
os oauth access token create
 
    --consumer-key <consumer-key>
 
    --consumer-secret <consumer-secret>
 
    --request-key <request-key>
 
    --request-secret <request-secret>
 
    --verifier <pin>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
n/a
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os oauth access token authenticate
 
    --consumer-key <consumer-key>
 
    --consumer-secret <consumer-secret>
 
    --access-key <access-key>
 
    --access-secret <access-secret>
 
</source>
 
|| yes
 
|| ||
 
n /a
 
|-
 
|
 
<source lang="bash">
 
os oauth authorization list
 
    user <user>
 
</source>
 
|| yes
 
|| ||
 
n /a
 
|-
 
|
 
<source lang="bash">
 
os oauth authorization delete
 
    user <user>
 
    access-id <access-id>
 
</source>
 
|| yes
 
|| ||
 
n /a
 
|-
 
|
 
<source lang="bash">
 
os oauth authorization show
 
    request-id <request-id>
 
</source>
 
|| yes
 
|| ||
 
n /a
 
|-
 
| look at some alternatives: || || ||
 
|-
 
|
 
<source lang="bash">
 
os oauth token create
 
    --consumer-key <consumer-key>
 
    --consumer-secret <consumer-secret>
 
    --request-key <request-key>
 
    --request-secret <request-secret>
 
    --verifier <pin>
 
</source>
 
|| nyet
 
|| ||
 
<source lang="bash">
 
* makes the token specific to oauth
 
* add [--oauth-ver X] if versioning for oauth2 is an issue?
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os oauth token create
 
    --request
 
    --consumer-key <consumer-key>
 
    --roles <roles>
 
</source>
 
|| nyet
 
|| ||
 
<source lang="bash">
 
* collapse 'access token' and 'request token' into 'oauth token'?
 
</source>
 
|}
 
 
 
==== policy ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os policy create
 
    [--type <policy-type>]
 
    --blob-file <blob-file>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os policy delete
 
    <policy-id>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os policy list
 
    [--include-blob]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os policy set
 
    [--type <policy-type>]
 
    [--blob-file<blob-file>]
 
    <policy-id>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os policy show
 
    <policy-id>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
==== project ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os project create
 
    [--domain <project-domain>]
 
    [--description <project-description>]
 
    [--enable | --disable]
 
    [--property <key=value>]
 
    <project-name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os project delete
 
    <project>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os project list
 
    [--long]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os project set
 
    [--name <new-project-name>]
 
    [--domain <project-domain>]
 
    [--description <new-project-description>]
 
    [--enable | --disable]
 
    [--property <key=value>]
 
    <project>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os project show
 
    <project>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
==== role ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os role add
 
    [--user <user> | --group <group>]
 
    [--domain <domain> | --project <project>]
 
    <role>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role create
 
    <role-name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role delete
 
    <role>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role list
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role remove
 
    [--user <user> | --group <group>]
 
    [--domain <domain> | --project <project>]
 
    <role>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role set
 
    [--name <new-role-name>]
 
    <role>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os role show
 
    <role>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
==== service ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os service create
 
[--name <name>]
 
        [--enabled <true|false>]
 
        <type>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os service delete
 
    <service>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os list service
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os service set
 
    [--type <service-type>]
 
    [--name <new-name>]
 
    [--enable | --disable]
 
    <service>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os service show
 
    <service>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
==== user ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Keystone command
 
|-
 
|
 
<source lang="bash">
 
os user create
 
    [--password <password>]
 
    [--project <project>]
 
    [--email <user-email>]
 
    [--enable | --disable]
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os user delete
 
    <user>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os user list
 
    [--domain <domain>]
 
    [--group <group>]
 
    [--long]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os user set
 
    [--name <new-name>]
 
    [--password <password>]
 
    [--project <project>]
 
    [--email <user-email>]
 
    [--enable | --disable]
 
    <user>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os user show
 
    <user>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
</source>
 
|}
 
 
 
== Image ==
 
 
 
{| class="wikitable"
 
|-
 
! OSC Option !!  Environment Variable !!  !!  Glance Option !!  Environment Variable
 
|-
 
| --os-image-api-version <ver> || OS_IMAGE_API_VERSION ||  || --os-image-api-version <ver> || OS_IMAGE_API_VERSION
 
|-
 
|  ||  || || --os-service-type <type> || OS_SERVICE_TYPE
 
|-
 
|  ||  || || --os-endpoint-type <type> || OS_ENDPOINT_TYPE
 
|-
 
| --os-token <token> || OS_TOKEN || || --os-auth-token <token> || OS_AUTH_TOKEN
 
|-
 
| --os-url <url> || OS_URL || || --os-image-url <url> || OS_IMAGE_URL
 
|-
 
|  ||  || || --os-cacert <file> || OS_CACERT
 
|-
 
|  ||  || || --cert-file <file> || CERT_FILE
 
|-
 
|  ||  || || --key-file <key-file> || KEY_FILE
 
|-
 
|  ||  || || --no-ssl-compression ||
 
|-
 
|}
 
 
 
 
 
=== API v1 ===
 
 
 
==== image ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Glance command
 
|-
 
|
 
<source lang="bash">
 
os image create
 
    [--id <id>]
 
    [--store <store>]
 
    [--container-format <format>]
 
    [--disk-format <format>]
 
    [--owner <tenant>]
 
    [--size <size-bytes>]
 
    [--min-disk <disk-gb>]
 
    [--min-ram <ram-mg>]
 
    [--location <image-url>]
 
    [--copy-from <image-url>]
 
    [--file <local-filename>]
 
    [--volume <volume>]
 
    [--force]
 
    [--checksum <checksum>]
 
    [--protected | --unprotected]
 
    [--public | --private]
 
    [--property <key=value>]
 
    <name>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
glance image-create
 
    [--id <IMAGE_ID>]
 
    [--name <NAME>]
 
    [--disk-format <DISK_FORMAT>]
 
    [--container-format <CONTAINER_FORMAT>]
 
    [--owner <TENANT_ID>]
 
    [--size <SIZE>]
 
    [--min-disk <DISK_GB>]
 
    [--min-ram <DISK_RAM>]
 
    [--location <IMAGE_URL>]
 
    [--checksum <CHECKSUM>]
 
    [--copy-from <IMAGE_URL>]
 
    [--is-public [True|False]]
 
    [--is-protected [True|False]]
 
    [--property <key=value>]
 
    [--human-readable]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image delete
 
    <image>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
glance image-delete
 
    <IMAGE_ID>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image list
 
    [--page-size <size>]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
glance image-list
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image save
 
    [--file <filename>]
 
    <image>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
glance image-download
 
    [--file <FILE>]
 
    <IMAGE>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image set
 
    [--name <name>]
 
    [--owner <tenant>]
 
    [--min-disk <disk-gb>]
 
    [--min-ram <ram-mg>]
 
    [--protected | --unprotected]
 
    [--public | --private]
 
    [--property <key=value>]
 
    <image>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
glance image-update
 
    [--name <NAME>]
 
    [--disk-format <DISK_FORMAT>]
 
    [--container-format <CONTAINER_FORMAT>]
 
    [--owner <TENANT_ID>]
 
    [--size <SIZE>]
 
    [--min-disk <DISK_GB>]
 
    [--min-ram <DISK_RAM>]
 
    [--location <IMAGE_URL>]
 
    [--file <FILE>]
 
    [--checksum <CHECKSUM>]
 
    [--copy-from <IMAGE_URL>]
 
    [--is-public [True|False]]
 
    [--is-protected [True|False]]
 
    [--property <key=value>]
 
    [--purge-props]
 
    [--human-readable]
 
    <IMAGE>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image show
 
    <image>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
glance image-show
 
    [--human-readable]
 
    <IMAGE>
 
</source>
 
|}
 
 
 
=== API v2 ===
 
 
 
==== image ====
 
 
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Glance command
 
|-
 
|
 
<source lang="bash">
 
os image add project
 
    <image>
 
    <project>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
glance member-create
 
    [--can-share]
 
    <IMAGE_ID>
 
    <TENANT_ID>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image create
 
    [--id <id>]
 
    [--store <store>]
 
    [--container-format <format>]
 
    [--disk-format <format>]
 
    [--owner <tenant>]
 
    [--size <size-bytes>]
 
    [--min-disk <disk-gb>]
 
    [--min-ram <ram-mg>]
 
    [--location <image-url>]
 
    [--copy-from <image-url>]
 
    [--file <local-filename>]
 
    [--checksum <checksum>]
 
    [--protected | --unprotected]
 
    [--public | --private]
 
    [--property <key=value>]
 
    <name>
 
# verify v2 options
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image delete
 
    <image>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
glance image-delete
 
    <IMAGE_ID>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image list
 
    [--page-size <size>]
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
glance image-list
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image list
 
    --shared
 
    [--image <image>]
 
    [--project <project>]
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
glance member-list
 
    [--image-id <IMAGE_ID>]
 
    [--tenant-id <TENANT_ID>]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image remove project
 
    <image>
 
    <project>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
glance member-delete
 
    <IMAGE_ID>
 
    <TENANT_ID>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image save
 
    [--file <filename>]
 
    <image>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
glance image-download
 
    [--file <FILE>]
 
    <IMAGE>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image set
 
    [--id <id>]
 
    [--store <store>]
 
    [--container-format <format>]
 
    [--disk-format <format>]
 
    [--owner <tenant>]
 
    [--size <size-bytes>]
 
    [--min-disk <disk-gb>]
 
    [--min-ram <ram-mg>]
 
    [--location <image-url>]
 
    [--copy-from <image-url>]
 
    [--file <local-filename>]
 
    [--checksum <checksum>]
 
    [--protected | --unprotected]
 
    [--public | --private]
 
    [--property <key=value>]
 
    <name>
 
</source>
 
|| no
 
|| ||
 
<source lang="bash">
 
glance image-update
 
    [--name <NAME>]
 
    [--disk-format <DISK_FORMAT>]
 
    [--container-format <CONTAINER_FORMAT>]
 
    [--owner <TENANT_ID>]
 
    [--size <SIZE>]
 
    [--min-disk <DISK_GB>]
 
    [--min-ram <DISK_RAM>]
 
    [--location <IMAGE_URL>]
 
    [--file <FILE>]
 
    [--checksum <CHECKSUM>]
 
    [--copy-from <IMAGE_URL>]
 
    [--is-public [True|False]]
 
    [--is-protected [True|False]]
 
    [--property <key=value>]
 
    [--purge-props]
 
    [--human-readable]
 
    <IMAGE>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os image show
 
    <image>
 
</source>
 
|| yes
 
|| ||
 
<source lang="bash">
 
glance image-show
 
    [--human-readable]
 
    <IMAGE>
 
</source>
 
|}
 
 
 
==== image-member ====
 
 
 
The image member commands have been rolled in to the regualr [[#image_3|image]] commands.
 
 
 
== Network ==
 
 
 
The Network commands in <code>neutron</code> are actually in pretty good shape.  It appears most update commands have not be
 
en implemented, but looks pretty solid other than that.  Note some questions:
 
 
 
* Note: Should the --request-format option be a global option.  Nice from a developers perspective if you want to test XML for ins
 
tance, but why would users really care.
 
 
 
* Note: Should we have --os-network-api-version <ver> argument since neutron currently only supports one version?
 
 
 
NOTE(dtroyer): yes for consistency
 
 
 
 
 
{| class="wikitable"
 
|-
 
! OSC Option !! Environment Variable !! !! Nova Option !! Environment Variable
 
|-
 
| || || || --os-auth-strategy || OS_AUTH_STRATEGY
 
|-
 
| --os-auth-url || OS_AUTH_URL || || --os-auth-url || OS_AUTH_URL
 
|-
 
| --os-project-name || OS_PROJECT_NAME || || --os-tenant-name || OS_TENANT_NAME
 
|-
 
| --os-project-id || OS_PROJECT_ID || || --os-tenant-id || OS_TENANT_ID
 
|-
 
| --os-username || OS_USERNAME || || --os-username || OS_USERNAME
 
|-
 
| --os-password || OS_PASSWORD || || --os-password || OS_PASSWORD
 
|-
 
| --os-region-name || OS_REGION_NAME || || --os-region-name || OS_REGION_NAME
 
|-
 
| --os-token || OS_TOKEN || || --os-token || OS_TOKEN
 
|-
 
| --os-url || OS_URL || || --os-url || OS_URL
 
|-
 
| --os-cacert || OS_CACERT || || --os-cacert || OS_CACERT
 
|-
 
| --os-network-api-version <ver> || OS_NETWORK_API_VERSION || || ||
 
|}
 
 
 
 
 
=== API v2.0 ===
 
 
 
NOTE(dtroyer): I am removing all of the default cliff options for clarity.  Also, apparently neutronclient has a different idea of how these are used than OSC.
 
 
 
==== Cisco ====
 
 
 
NOTE(dtroyer): We need to think about how to handle vendor-plugin-specific bits.  I don't want these in the default set...
 
 
 
Note all of these "network pofile" and "policy profile", why not just network and policy, profile is useless.
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os cisco credential create <credential_name> <credential_type>
 
    [--tenant-id TENANT_ID]
 
    [--username USERNAME]
 
    [--password PASSWORD]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-credential-create <credential_name> <credential_type>
 
    [--tenant-id TENANT_ID]
 
    [--username USERNAME]
 
    [--password PASSWORD]
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco credential delete <credential>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-credential-delete <credential>
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco credential list
 
    [-F FIELD]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-credential-list
 
    [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco credential show <credential>
 
    [-F FIELD]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-credential-show <credential>
 
    [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco network profile create <name> <vlan|overlay|multi-segment|trunk>
 
    [--tenant-id TENANT_ID]               
 
    [--sub_type SUB_TYPE]                 
 
    [--segment_range SEGMENT_RANGE]       
 
    [--physical_network PHYSICAL_NETWORK] 
 
    [--multicast_ip_range MULTICAST_IP_RANGE]
 
    [--add-tenant ADD_TENANT]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-network-profile-create <name> <vlan|overlay|multi-segment|trunk>
 
    [--tenant-id TENANT_ID]               
 
    [--sub_type SUB_TYPE]                 
 
    [--segment_range SEGMENT_RANGE]       
 
    [--physical_network PHYSICAL_NETWORK] 
 
    [--multicast_ip_range MULTICAST_IP_RANGE]
 
    [--add-tenant ADD_TENANT]
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco network profile delete <profile>
 
    [--request-format {json,xml}]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-network-profile-delete <profile>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco network profile list
 
    [-F FIELD]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-network-profile-list
 
    [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco network profile show <profile>
 
    [-F FIELD]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-network-profile-show <profile>
 
    [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco network profile update <profile>
 
    [--request-format {json,xml}]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-network-profile-update <profile>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco policy profile list
 
    [-F FIELD]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-policy-profile-list
 
    [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco policy profile show <profile>
 
    [--request-format {json,xml}] [-D]   
 
    [-F FIELD]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-policy-profile-show <profile>
 
    [--request-format {json,xml}] [-D]   
 
    [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os cisco policy profile update <profile>
 
    [--request-format {json,xml}]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron cisco-policy-profile-update <profile>
 
    [--request-format {json,xml}]
 
</source>
 
|}
 
 
 
 
 
==== DHCP Agent ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os dhcp agent add network
 
    <network>
 
    <dhcp_agent>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron dhcp-agent-network-add <dhcp_agent> <network>
 
  [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os dhcp agent remove network
 
    <network>
 
    <dhcp_agent>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron dhcp-agent-network-remove <dhcp_agent> <network>
 
  [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os dhcp agent list <network>
 
    [--long]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron dhcp-agent-list-hosting-net <network>
 
</source>
 
|-
 
|<source lang="bash">
 
os network list --dhcp <dhcp_agent>
 
    [--long]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-list-on-dhcp-agent <dhcp_agent>
 
</source>
 
|}
 
 
 
==== Firewall ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os firewall create
 
    [--description <description>]
 
    [--project <project>]
 
    [--enable | --disable]
 
    [--share | --no-share]
 
    <policy> <name>
 
</source>
 
NOTE(dtroyer): need a better name for --not-shared?
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-create
 
    <policy>
 
    [--tenant-id TENANT_ID]
 
    [--name NAME]
 
    [--description DESCRIPTION]
 
    [--shared]
 
    [--admin-state-down]
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall delete
 
    <firewall>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-delete
 
    <firewall>
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall list
 
    [--long]
 
    [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
NOTE(dtroyer): need to think about the sort stuff
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-list
 
    [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall set
 
    <firewall>
 
</source>
 
NOTE(dtroyer): what is being changed?
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-update
 
    <firewall>
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall show
 
    <firewall>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-show
 
    <firewall>
 
</source>
 
|}
 
 
 
==== Firewall Policy ====
 
 
 
NOTE(dtroyer): need to work out the format of FIREWALL_RULE
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os firewall policy create
 
    [--description <description>]
 
    [--project <project>]
 
    [--firewall-rules <rules>]
 
    [--share | --no-share]
 
    [--audit | --no-audit]
 
    <name>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-policy-create
 
    <name>
 
    [--tenant-id TENANT_ID]         
 
    [--description DESCRIPTION]
 
    [--shared]
 
    [--firewall-rules FIREWALL_RULES]
 
    [--audited]
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall policy delete
 
    <policy>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-policy-delete
 
    <policy>
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall policy add rule
 
    [--insert-before FIREWALL_RULE]
 
    [--insert-after FIREWALL_RULE]
 
    <policy>
 
    <rule>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-policy-insert-rule
 
    <policy>
 
    <rule>
 
    [--insert-before FIREWALL_RULE]       
 
    [--insert-after FIREWALL_RULE]
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall policy list
 
    [--long]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-policy-list
 
    [-F FIELD] [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall policy remove rule
 
    <policy>
 
    <rule>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-policy-remove-rule
 
    <policy>
 
    <rule>
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall policy set
 
    <policy>
 
</source>
 
NOTE(dtroyer): what is being changed?
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-policy-update
 
    <policy>
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall policy show
 
    <policy>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-policy-show
 
    <policy>
 
</source>
 
|}
 
 
 
 
 
==== Firewall Rule ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
 
 
|-
 
|<source lang="bash">
 
os firewall rule create
 
    [--project <project>]
 
    [--description <description>]
 
    [--source-ip-address SOURCE_IP_ADDRESS]
 
    [--destination-ip-address DESTINATION_IP_ADDRESS]
 
    [--source-port SOURCE_PORT]
 
    [--destination-port DESTINATION_PORT]
 
    [--enable | --disable]
 
    [--share | --no-share]
 
    --protocol tcp|udp|icmp|any
 
    --action allow|deny
 
    <name>
 
</source>
 
NOTE(dtroyer): it might be more consistent to change --protocol and --action to direct options; ex: '--tcp | --udp | --icmp | --any'
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-rule-create
 
    [--tenant-id TENANT_ID]
 
    [--name NAME]
 
    [--description DESCRIPTION]
 
    [--shared]
 
    [--source-ip-address SOURCE_IP_ADDRESS]
 
    [--destination-ip-address DESTINATION_IP_ADDRESS]
 
    [--source-port SOURCE_PORT]
 
    [--destination-port DESTINATION_PORT]
 
    [--disabled]
 
    --protocol {tcp,udp,icmp,any}
 
    --action {allow,deny}
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall rule delete
 
    <rule>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-rule-delete
 
    <rule>
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall rule list
 
    [--long]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-rule-list
 
    [-F FIELD] [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall rule show
 
    <rule>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-rule-show
 
    <rule>
 
    [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os firewall rule
 
    [--protocol tcp|udp|icmp|any]
 
    <rule>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron firewall-rule-update
 
    <rule>
 
    [--protocol {tcp,udp,icmp,any}]
 
</source>
 
|}
 
 
 
 
 
==== Gateway ====
 
 
 
Note: change from net-gateway to gateway
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os gateway create
 
    [--project <project>]
 
    [--device <device>]
 
    <name>
 
</source>
 
NOTE(dtroyer): consider changing the --device syntax to remove the embedded device_id=,interface_name=
 
|| no || ||
 
<source lang="bash">
 
neutron net-gateway-create
 
    <name>
 
    [--tenant-id TENANT_ID]
 
    [--device DEVICE]
 
</source>
 
|-
 
|<source lang="bash">
 
os gateway delete
 
    <gateway>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-gateway-delete
 
    <gateway>
 
</source>
 
|-
 
|<source lang="bash">
 
os gateway list
 
    [--long]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-gateway-list
 
</source>
 
|-
 
|<source lang="bash">
 
os gateway set
 
    <gateway>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-gateway-update
 
    <gateway>
 
</source>
 
|-
 
|<source lang="bash">
 
os gateway show
 
    <gateway>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-gateway-show
 
    <gateway>
 
</source>
 
|}
 
 
 
 
 
==== IP Floating ====
 
 
 
Note: Do we need to have backward compatibility for older releases where compute controlled floating IPs?  I think the latest compute still supports the old interface, but it would be best to discontinue use of that.  Should the command be floating-ip or floatingip?
 
 
 
NOTE(dtroyer): The existing commands under Compute are for nova-network; it is a pass-through to Neutron but at some point OSc needs to get smart about when to call nova-network and when to call Neutron directly.  The commands need to be the same as much as possible.
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os ip floating add
 
    [--fixed-ip <fixed-ip-address>]
 
    <floating-ip-address>
 
    <port>
 
</source>
 
NOTE(dtroyer): maybe this should be 'port add floating ip'?
 
|| no || ||
 
<source lang="bash">
 
neutron floatingip-associate
 
    <ip>
 
    <port>
 
    [--fixed-ip-address FIXED_IP_ADDRESS]
 
</source>
 
|-
 
|<source lang="bash">
 
os ip floating create
 
    [--project <project>]
 
    [--port <port>]
 
    [--fixed-ip <fixed-ip-address>]
 
    <network>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron floatingip-create
 
    <network>
 
    [--tenant-id TENANT_ID] [--port-id PORT_ID]
 
    [--fixed-ip-address FIXED_IP_ADDRESS]
 
</source>
 
|-
 
|<source lang="bash">
 
os ip floating delete
 
    <floating-ip-address>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron floatingip-delete
 
    <ip>
 
</source>
 
|-
 
|<source lang="bash">
 
os ip floating list
 
    [--long]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron floatingip-list
 
    [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os ip floating remove
 
    <floating-ip-address>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron floatingip-disassociate
 
    <ip>
 
</source>
 
|-
 
|<source lang="bash">
 
os ip floating show
 
    <floating-ip-address>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron floatingip-show
 
    <ip>
 
</source>
 
|}
 
 
 
==== IPSEC ====
 
 
 
# Note Why are we doing "ipsec site connection <verb>" instead of "ipsec <verb>"?  Is there going to be something other than site connections for ipsec?
 
 
 
NOTE(dtroyer): good question. I wonder if Neutron will ever support any other kind of tunnel?  If so, 'tunnel' should be the object anme and --ipsec is a type option...until then let's just use 'ipsec' as the object name.
 
 
 
NOTE(dtroyer): one thing I know is we generally totally abuse the term 'cidr' and use it where we mean network addresses in CIDR notation.  We will not perpetuate that in OSC no matter what the rest of the project doesI need to brush up on IPSEC configuration to be able to fix these option names.
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os ipsec create
 
    [--project <project>]
 
    [--description <description>]
 
    [--enable | --disable]
 
    [--mtu MTU]
 
    [--initiator {bi-directional,response-only}]
 
    # use --bi-directional | --response-only ?
 
    [--dpd action=ACTION,interval=INTERVAL,timeout=TIMEOUT]
 
    # rethink --dpd
 
    --vpnservice-id VPNSERVICE
 
    --ikepolicy-id IKEPOLICY
 
    --ipsecpolicy-id IPSECPOLICY
 
    --peer-address PEER_ADDRESS
 
    --peer-id PEER_ID
 
    --peer-cidr PEER_CIDRS
 
    --psk PSK
 
    <name>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron ipsec-site-connection-create
 
    [--tenant-id TENANT_ID]
 
    [--admin-state-down]
 
    [--name NAME]
 
    [--description DESCRIPTION]
 
    [--mtu MTU]
 
    [--initiator {bi-directional,response-only}]
 
    [--dpd action=ACTION,interval=INTERVAL,timeout=TIMEOUT]
 
    --vpnservice-id VPNSERVICE
 
    --ikepolicy-id IKEPOLICY
 
    --ipsecpolicy-id IPSECPOLICY
 
    --peer-address PEER_ADDRESS
 
    --peer-id PEER_ID
 
    --peer-cidr PEER_CIDRS
 
    --psk PSK
 
</source>
 
|-
 
|<source lang="bash">
 
os ipsec delete
 
    <ipsec-site>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron ipsec-site-connection-delete
 
    <ipsecsite>
 
</source>
 
|-
 
|<source lang="bash">
 
os ipsec list
 
    [--long]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron ipsec-site-connection-list
 
    [--sort-key FIELD]                   
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os ipsec set
 
    [--dpd action=ACTION,interval=INTERVAL,timeout=TIMEOUT]
 
    <ipsec-site>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron ipsec-site-connection-update
 
    <ipsecsite>
 
    [--dpd action=ACTION,interval=INTERVAL,timeout=TIMEOUT]
 
</source>
 
|-
 
|<source lang="bash">
 
os ipsec site connection show
 
    <ipsec-site>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron ipsec-site-connection-show
 
    <ipsecsite>
 
</source>
 
|}
 
 
 
==== L3 Agent ====
 
 
 
NOTE(dtroyer): the list command may make more sense as options to 'router list'
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os l3 agent list
 
    [--router <router>]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron l3-agent-list-hosting-router <router>
 
</source>
 
|-
 
|<source lang="bash">
 
os l3 agent add router
 
    <l3_agent>
 
    <router>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron l3-agent-router-add
 
    <l3_agent>
 
    <router>
 
</source>
 
|-
 
|<source lang="bash">
 
os l3 agent remove router
 
    <l3_agent>
 
    <router>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron l3-agent-router-remove
 
    <l3_agent>
 
    <router>
 
</source>
 
|}
 
 
 
==== Load Balancer ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os lb healthmonitor add <healthmonitor> <pool>
 
    # Note command change
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-healthmonitor-associate <healthmonitor> <pool>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb healthmonitor create
 
    [--tenant-id TENANT_ID]
 
    [--admin-state-down]
 
    [--expected-codes EXPECTED_CODES]
 
    [--http-method HTTP_METHOD]
 
    [--url-path URL_PATH] --delay DELAY
 
    --max-retries MAX_RETRIES --timeout
 
    TIMEOUT --type {PING,TCP,HTTP,HTTPS}
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-healthmonitor-create
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}]
 
    [--tenant-id TENANT_ID]
 
    [--admin-state-down]
 
    [--expected-codes EXPECTED_CODES]
 
    [--http-method HTTP_METHOD]
 
    [--url-path URL_PATH] --delay DELAY
 
    --max-retries MAX_RETRIES --timeout
 
    TIMEOUT --type {PING,TCP,HTTP,HTTPS}
 
</source>
 
|-
 
|<source lang="bash">
 
os lb healthmonitor delete <healthmonitor>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-healthmonitor-delete <healthmonitor>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb healthmonitor remove <healthmonitor> <pool>
 
    # Note command change
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-healthmonitor-disassociate <healthmonitor> <pool>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb healthmonitor list
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-healthmonitor-list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D]
 
    [-F FIELD] [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb healthmonitor show <healthmonitor>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-healthmonitor-show <healthmonitor>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}] [-D]
 
    [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb healthmonitor update <healthmonitor>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-healthmonitor-update <healthmonitor>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb member create <pool>
 
    [--tenant-id TENANT_ID] [--admin-state-down]
 
    [--weight WEIGHT] --address ADDRESS
 
    --protocol-port PROTOCOL_PORT
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-member-create <pool>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}]
 
    [--tenant-id TENANT_ID] [--admin-state-down]
 
    [--weight WEIGHT] --address ADDRESS
 
    --protocol-port PROTOCOL_PORT
 
</source>
 
|-
 
|<source lang="bash">
 
os lb member delete <member>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-member-delete <member>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb member list
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-member-list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
    [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb member show <member>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-member-show <member>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb member update <member>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-member-update <member>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb pool create
 
    [--tenant-id TENANT_ID] [--admin-state-down]
 
    [--description DESCRIPTION] --lb-method
 
    {ROUND_ROBIN,LEAST_CONNECTIONS,SOURCE_IP} --name
 
    NAME --protocol {HTTP,HTTPS,TCP} --subnet-id
 
    SUBNET [--provider PROVIDER]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-pool-create
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}]
 
    [--tenant-id TENANT_ID] [--admin-state-down]
 
    [--description DESCRIPTION] --lb-method
 
    {ROUND_ROBIN,LEAST_CONNECTIONS,SOURCE_IP} --name
 
    NAME --protocol {HTTP,HTTPS,TCP} --subnet-id
 
    SUBNET [--provider PROVIDER]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb pool delete <pool>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-pool-delete <pool>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb pool list
 
    [--lbaas-agent AGENT]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-pool-list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
    [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
<source lang="bash">
 
neutron lb-pool-list-on-agent <lbaas_agent>
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D]
 
    [-F FIELD]
 
# Note another one of those oddball commands
 
</source>
 
|-
 
|<source lang="bash">
 
os lb pool show <pool>
 
    [--agent] [--stats]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-pool-show <pool>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
<source lang="bash">
 
neutron lb-agent-hosting-pool <pool>
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D]
 
    [-F FIELD]
 
</source>
 
<source lang="bash">
 
neutron lb-pool-stats <pool>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb pool update <pool>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-pool-update <pool>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb vip create <pool>
 
    [--tenant-id TENANT_ID] [--address ADDRESS]
 
    [--admin-state-down]
 
    [--connection-limit CONNECTION_LIMIT]
 
    [--description DESCRIPTION] --name NAME
 
    --protocol-port PROTOCOL_PORT --protocol
 
    {TCP,HTTP,HTTPS} --subnet-id SUBNET
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-vip-create <pool>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}]
 
    [--tenant-id TENANT_ID] [--address ADDRESS]
 
    [--admin-state-down]   
 
    [--connection-limit CONNECTION_LIMIT]
 
    [--description DESCRIPTION] --name NAME
 
    --protocol-port PROTOCOL_PORT --protocol
 
    {TCP,HTTP,HTTPS} --subnet-id SUBNET
 
</source>
 
|-
 
|<source lang="bash">
 
os lb vip delete <vip>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-vip-delete <vip>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb vip list
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-vip-list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
    [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb vip show <vip>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-vip-show <vip>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os lb vip update <vip>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron lb-vip-update <vip>
 
    [--request-format {json,xml}]
 
</source>
 
|}
 
 
 
==== Network ====
 
 
 
# Note name changes from net to netowork
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os network add gateway
 
    [--segmentation-type SEGMENTATION_TYPE]
 
    [--segmentation-id SEGMENTATION_ID]
 
    <network>
 
    <gateway>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-gateway-connect
 
    <gateway>
 
    <network>
 
    [--segmentation-type SEGMENTATION_TYPE]
 
    [--segmentation-id SEGMENTATION_ID]
 
</source>
 
|-
 
|<source lang="bash">
 
os network create
 
    [--admin-state-up | --admin-state-down]
 
    [--share | --no-share]
 
    <name>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-create
 
    <name>
 
    [--tenant-id TENANT_ID] [--admin-state-down]
 
    [--shared]
 
</source>
 
|-
 
|<source lang="bash">
 
os network delete
 
    <network>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-delete
 
    <network>
 
</source>
 
|-
 
|<source lang="bash">
 
os network list
 
    [--long]
 
    [--external]
 
    [--dhcp dhcpid]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-list
 
 
 
neutron net-external-list
 
</source>
 
|-
 
|<source lang="bash">
 
os network set
 
    [--admin-state-up | --admin-state-down]
 
    [--share | --no-share]
 
    [--name newname]
 
    <network>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-update
 
    <network>
 
</source>
 
|-
 
|<source lang="bash">
 
os network remove gateway
 
    [--segmentation-type SEGMENTATION_TYPE]
 
    [--segmentation-id SEGMENTATION_ID]
 
    <network>
 
    <gateway>
 
# Note technicall wrong verb here, but add/remove
 
# seems a little odd
 
</source>
 
NOTE(dtroyer): the help in neutronclient actually uses add/remove...but these may be 'network' commands not 'network gateway'
 
|| no || ||
 
<source lang="bash">
 
neutron net-gateway-disconnect
 
    <gateway>
 
    <network>
 
    [--segmentation-type SEGMENTATION_TYPE]
 
    [--segmentation-id SEGMENTATION_ID]
 
</source>
 
|-
 
|<source lang="bash">
 
os network show
 
    <network>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron net-show
 
    <network>
 
</source>
 
|}
 
 
 
==== Network Agent ====
 
 
 
NOTE: There is no agent create in neutron at the moment.  I assume these should replace the compute commands.
 
 
 
NOTE(dtroyer): The compute agent refers to the bits of code that run inside a VM.  A Neutron agent is code that runs on a host system; there are at least 4 different types: plugin, dhcp, l3 and metadata.
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os network agent delete
 
    <agent>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron agent-delete <agent>
 
</source>
 
|-
 
|<source lang="bash">
 
os network agent list
 
    [--long]
 
</source>
 
NOTE(dtroyer): list commands always use --long for their 'show me more stuff' option
 
|| no || ||
 
<source lang="bash">
 
neutron agent-list
 
  [-D, --show-details]
 
  [-F FIELD, --field FIELD]
 
  [--quote {all,minimal,none,nonnumeric}]
 
</source>
 
|-
 
|<source lang="bash">
 
os network agent update
 
    <agent>
 
</source>
 
NOTE(dtroyer): update commands often map to the OSC verb 'set'.  but with no value to set???
 
|| no || ||
 
<source lang="bash">
 
neutron agent-update <agent>
 
# NOTE: no args, what does this update?
 
</source>
 
|-
 
|<source lang="bash">
 
os network agent show
 
    <agent>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron agent-show <agent>
 
  [-D, --show-details]
 
  [-F FIELD, --field FIELD]
 
</source>
 
|}
 
 
 
==== Port ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os port create
 
    --network <network>
 
    [--project <project>]
 
    [--mac-address <mac-address>]
 
    [--device-id <device-id>]
 
    [--fixed-ip <ip-address>]
 
    [--security-group <security-group>]
 
    [--no-security-groups]
 
    [--extra-dhcp-opt EXTRA_DHCP_OPTS]
 
    # gotta rename extra-dhcp-opts
 
    [--enable | --disable]
 
    <name>
 
</source>
 
NOTE(dtroyer): how is --no-security-groups different from not specifying any security groups on create?
 
|| no || ||
 
<source lang="bash">
 
neutron port-create
 
    <network>
 
    [--tenant-id TENANT_ID]
 
    [--name NAME]
 
    [--admin-state-down]
 
    [--mac-address MAC_ADDRESS]
 
    [--device-id DEVICE_ID]
 
    [--fixed-ip ip_address=IP_ADDR]
 
    [--security-group SECURITY_GROUP]
 
    [--no-security-groups]
 
    [--extra-dhcp-opt EXTRA_DHCP_OPTS]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os port delete
 
    <port>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron port-delete
 
    <port>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os port list
 
    [--router <router>]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron port-list
 
 
 
neutron router-port-list
 
    <router>
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os port update
 
    [--security-group <security-group>]
 
    [--no-security-groups]
 
    [--extra-dhcp-opt EXTRA_DHCP_OPTS]
 
    <port>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron port-update
 
    <port>
 
    [--security-group SECURITY_GROUP]
 
    [--no-security-groups]
 
    [--extra-dhcp-opt EXTRA_DHCP_OPTS]
 
</source>
 
|-
 
|
 
<source lang="bash">
 
os port show
 
    <port>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron port-show
 
    <port>
 
</source>
 
|}
 
 
 
====Queue====
 
 
 
Note: Should this be something less generic than "queue". I would think this was a message queue first.
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os queue create <name>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}]
 
    [--tenant-id TENANT_ID] [--min MIN] [--max MAX]
 
    [--qos-marking QOS_MARKING] [--default DEFAULT]
 
    [--dscp DSCP]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron queue-create <name>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}]
 
    [--tenant-id TENANT_ID] [--min MIN] [--max MAX]
 
    [--qos-marking QOS_MARKING] [--default DEFAULT]
 
    [--dscp DSCP]
 
</source>
 
|-
 
|<source lang="bash">
 
os queue delete <queue>
 
    [--request-format {json,xml}]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron queue-delete <queue>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os queue list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron queue-list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os queue show <queue>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron queue-show <queue>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
|}
 
 
 
==== Quota ====
 
 
 
Note: See [[#quota|quota]] in the [[#Cross_API|cross API section]].
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron quota-delete
 
    [--request-format {json,xml}]
 
    [--tenant-id tenant-id]
 
</source>
 
|-
 
|<source lang="bash">
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron quota-list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron quota-show
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}]
 
    [--tenant-id tenant-id]
 
</source>
 
|-
 
|<source lang="bash">
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron quota-update
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}]
 
    [--tenant-id tenant-id] [--network networks]
 
    [--subnet subnets] [--port ports]
 
    [--router routers] [--floatingip floatingips]
 
    [--security-group security_groups]
 
    [--security-group-rule security_group_rules]
 
</source>
 
|}
 
 
 
 
 
==== Router ====
 
 
 
Note: I've removed router gateway unset and added a --no-gateway option to router set <-dtoyer
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os router create
 
    [--project <project>]
 
    [--enable | --disable]
 
    <name>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron router-create
 
    <name>
 
    [--tenant-id TENANT_ID]
 
    [--admin-state-down]
 
</source>
 
|-
 
|<source lang="bash">
 
os router delete
 
    <router>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron router-delete
 
    <router>
 
</source>
 
|-
 
|<source lang="bash">
 
os router list
 
    [--l3-agent <l3-agent>]
 
    [--long]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron router-list
 
 
 
neutron router-list-on-l3-agent <l3_agent>
 
</source>
 
|-
 
|<source lang="bash">
 
os router set
 
    [--gateway <network>]
 
    [--enable-snat | --disable-snat]
 
    [--no-gateway]
 
    <router>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron router-update
 
    <router>
 
 
 
neutron router-gateway-set
 
    <router>
 
    <network>
 
    [--disable-snat]
 
 
 
neutron router-gateway-clear
 
    <router>
 
</source>
 
|-
 
|<source lang="bash">
 
os router show
 
    <router>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron router-show
 
    <router>
 
</source>
 
|}
 
 
 
==== Router Interface ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
 
 
|-
 
|<source lang="bash">
 
os router add port
 
    <router>
 
    <port>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron router-interface-add
 
    <router>
 
    <interface>
 
</source>
 
|-
 
|<source lang="bash">
 
os router remove port
 
    <router>
 
    <port>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron router-interface-delete
 
    <router>
 
    <interface>
 
</source>
 
|-
 
|<source lang="bash">
 
os router add subnet
 
    <router>
 
    <subnet>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron router-interface-add
 
    <router>
 
    <interface>
 
</source>
 
|-
 
|<source lang="bash">
 
os router remove subnet
 
    <router>
 
    <subnet>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron router-interface-delete
 
    <router>
 
    <interface>
 
</source>
 
|}
 
 
 
==== Security Group ====
 
 
 
Note: should we use "secgroup" or replace it with "security group"  Supporting both would be confusing, but for now it would probably work.
 
 
 
NOTE(dtroyer): I think 'security group' is what we need to use;  this is one of the last commands to have the short form removed...
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os security group create <name>
 
    [--project TENANT_ID]
 
    [--description DESCRIPTION]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron security-group-create <name>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}]   
 
    [--tenant-id TENANT_ID]         
 
    [--description DESCRIPTION]
 
</source>
 
|-
 
|<source lang="bash">
 
os security group delete <security_group>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron security-group-delete <security_group>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os security group list
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron security-group-list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D]
 
    [-F FIELD] [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os security group show <security_group>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron security-group-show <security_group>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}] [-D]
 
    [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os security group update <security_group>
 
    [--name NAME] [--description DESCRIPTION]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron security-group-update <security_group>
 
    [--request-format {json,xml}]
 
    [--name NAME] [--description DESCRIPTION]
 
</source>
 
|}
 
 
 
==== Security Group Rule ====
 
 
 
Note: Again, we have duplicate commands with Nova.
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os security group rule create <security_group>
 
    [--project TENANT_ID]
 
    [--direction {ingress,egress}]
 
    [--ethertype ETHERTYPE]
 
    [--protocol PROTOCOL]
 
    [--port-range-min PORT_RANGE_MIN]
 
    [--port-range-max PORT_RANGE_MAX]
 
    [--remote-ip-prefix REMOTE_IP_PREFIX]
 
    [--remote-group-id REMOTE_GROUP]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron security-group-rule-create <security_group>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE]               
 
    [--prefix PREFIX]                   
 
    [--request-format {json,xml}]       
 
    [--tenant-id TENANT_ID]             
 
    [--direction {ingress,egress}]       
 
    [--ethertype ETHERTYPE]             
 
    [--protocol PROTOCOL]               
 
    [--port-range-min PORT_RANGE_MIN]   
 
    [--port-range-max PORT_RANGE_MAX]   
 
    [--remote-ip-prefix REMOTE_IP_PREFIX]
 
    [--remote-group-id REMOTE_GROUP]
 
</source>
 
|-
 
|<source lang="bash">
 
os security group rule delete <rule>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron security-group-rule-delete <rule>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os security group rule list
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron security-group-rule-list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D] 
 
    [-F FIELD] [-P SIZE]               
 
    [--sort-key FIELD]                 
 
    [--sort-dir {asc,desc}]           
 
    [--no-nameconv]
 
</source>
 
|-
 
|<source lang="bash">
 
os security group rule show <rule>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron security-group-rule-show <rule>
 
</source>
 
|}
 
 
 
==== Service Provider ====
 
 
 
Note: Is this related to the Keystone service?  Not sure. The Neutron help is very light.
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron service-provider-list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D]
 
    [-F FIELD] [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|}
 
 
 
====Subnet====
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os subnet create <network> <cidr>
 
    [--project TENANT_ID] [--name NAME]
 
    [--ip-version {4,6}] [--gateway GATEWAY_IP]
 
    [--no-gateway]
 
    [--allocation-pool start=IP_ADDR,end=IP_ADDR]
 
    [--host-route destination=CIDR,nexthop=IP_ADDR]
 
    [--dns-nameserver DNS_NAMESERVER]
 
    [--disable-dhcp]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron subnet-create <network> <cidr>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}]
 
    [--tenant-id TENANT_ID] [--name NAME]
 
    [--ip-version {4,6}] [--gateway GATEWAY_IP]
 
    [--no-gateway]         
 
    [--allocation-pool start=IP_ADDR,end=IP_ADDR]
 
    [--host-route destination=CIDR,nexthop=IP_ADDR]
 
    [--dns-nameserver DNS_NAMESERVER]
 
    [--disable-dhcp]
 
</source>
 
|-
 
|<source lang="bash">
 
os subnet delete <subnet>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron subnet-delete <subnet>
 
    [--request-format {json,xml}]
 
</source>
 
|-
 
|<source lang="bash">
 
os subnet list
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron subnet-list
 
    [-f {csv,table}] [-c COLUMN]
 
    [--quote {all,minimal,none,nonnumeric}]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
    [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os subnet show <subnet>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron subnet-show <subnet>
 
    [-f {shell,table}] [-c COLUMN]
 
    [--variable VARIABLE] [--prefix PREFIX]
 
    [--request-format {json,xml}] [-D] [-F FIELD]
 
</source>
 
|-
 
|<source lang="bash">
 
os subnet update <subnet>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron subnet-update <subnet>
 
    [--request-format {json,xml}]
 
</source>
 
|}
 
 
 
==== VPN ====
 
 
 
{| class="wikitable"
 
|-
 
! OSC Command !! Implemented !! !! Neutron command
 
|-
 
|<source lang="bash">
 
os vpn ikepolicy create <name>
 
    [--project TENANT_ID]
 
    [--description DESCRIPTION]
 
    [--auth-algorithm {sha1}]
 
    [--encryption-algorithm {3des,aes-128,aes-192,aes-256}]
 
    [--phase1-negotiation-mode {main}]
 
    [--ike-version {v1,v2}]
 
    [--pfs {group2,group5,group14}]
 
    [--lifetime units=UNITS,value=VALUE]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron vpn-ikepolicy-create <name>
 
    [--tenant-id TENANT_ID]
 
    [--description DESCRIPTION]
 
    [--auth-algorithm {sha1}]
 
    [--encryption-algorithm {3des,aes-128,aes-192,aes-256}]
 
    [--phase1-negotiation-mode {main}]
 
    [--ike-version {v1,v2}]
 
    [--pfs {group2,group5,group14}]
 
    [--lifetime units=UNITS,value=VALUE]
 
</source>
 
|-
 
|<source lang="bash">
 
os vpn ikepolicy delete <policy>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron vpn-ikepolicy-delete <policy>
 
</source>
 
|-
 
|<source lang="bash">
 
os vpn ikepolicy list
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron vpn-ikepolicy-list
 
    [-F FIELD] [-P SIZE] [--sort-key FIELD]
 
    [--sort-dir {asc,desc}]
 
</source>
 
|-
 
|<source lang="bash">
 
os vpn ikepolicy show <policy>
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron vpn-ikepolicy-show <policy>
 
</source>
 
|-
 
|<source lang="bash">
 
os vpn ikepolicy set <policy>
 
    [--lifetime units=UNITS,value=VALUE]
 
</source>
 
|| no || ||
 
<source lang="bash">
 
neutron vpn-ikepolicy-update <policy>
 
    [--lifetime units=UNITS,value=VALUE]
 
</source>
 
|-
 
|<source lang="bash">
 
os vpn ipsecpolicy create <name>
 
    [--project TENANT_ID]
 
    [--description DESCRIPTION]
 
    [--transform-protocol {esp,ah,ah-esp}]
 
    [--auth-algorithm {sha1}]