enum AffinityRuleType { MUST_SAME_NODE SHOULD_SAME_NODE MUST_DIFF_NODE SHOW_DIFF_NODE } input AffinityRule { key: String type: AffinityRuleType value: String } type MantaLocation { manta_url: String image_path: String manifest_path: String } # todo: get source for this enum NicState { PROVISIONING RUNNING STOPPED } # Logical networks are used both on head nodes and compute nodes, and are associated with physical interfaces by using a system called NIC Tags type NIC { # NIC's IPv4 address ip: String # NIC's MAC address mac: String # Whether this is the instance's primary NIC primary: Boolean # IPv4 netmask netmask: String # IPv4 gateway gateway: String # Describes the state of the NIC (e.g. provisioning, running, or stopped) state: NicState # The NIC's network id network: Network } # Logical networks in Triton model core network configurations to enable Triton to define Virtual Network Interfaces and IP addresses for instances type Network { # Unique id for this network id: ID # The network name name: String # Whether this a public or private (rfc1918) network' public: Boolean # Whether this network is created on a fabric' fabric: Boolean # Description of this network description: String # A CIDR formatted string that describes the network' subnet: String # The first IP on the network that may be assigned' provision_start_ip: String # The last IP on the network that may be assigned' provision_end_ip: String # Optional Gateway IP address' gateway: String # Optional Resolver IP addresses' resolvers: [String] # Optional Static routes for hosts on this network' routes: [KeyValue] # Provision internet NAT zone on gateway address', internet_nat: Boolean } type VLAN { # A number from 0-4095 that indicates the VLAN's id id: ID # A unique name to identify the VLAN name: String # An optional description of the VLAN description: String } type FirewallRule { # Unique identifier for this rule id: ID # Indicates if the rule is enabled enabled: Boolean # Firewall rule rule: String # Indicates if the rule is global global: Boolean # Human-readable description for the rule description: String # Lists all instances a firewall rule is applied to machines: [Machine] } enum CallerType { BASIC OPERATOR SIGNATURE TOKEN } type Caller { # Authentication type for the action request type: CallerType # When the authentication type is BASIC, this member will be present and include user login user: String # When the authentication type is BASIC, this member will be present and include user login ip: String # When authentication type is either SIGNATURE or TOKEN, SSH key identifier key_id: String } type Action { # The name of the action name: String # The original set of parameters sent when the action was requested parameters: [KeyValue] # `true` or `false`, depending on the action's success success: Boolean # Account requesting the action caller: Caller # When the action finished time: String } enum SnapshotState { QUEUED CANCELED FAILED CREATED } type Snapshot { # The name of this snapshot name: ID # The current state of the snapshot state: SnapshotState } enum MachineState { PROVISIONING RUNNING STOPPING STOPPED DELETED FAILED } # An image contains the software packages that will be available on newly-provisioned instance. In the case of hardware virtual machines, the image also includes the operating system type Machine { # Unique id for this instance' id: ID # The "friendly" name for this instance' name: String # The type of instance (e.g. lx)' brand: Brand # The current state of this instance (e.g. running)' state: MachineState # The image id this instance was provisioned with' image: Image # The amount of RAM this instance has (in MiB)' memory: Int # The amount of disk this instance has (in MiB)' disk: Int # Any additional metadata this instance has', metadata( # Name of metadata value to retrieve name: String ): [KeyValue] # The complete set of tags associated with this machine tags( # Name of tag value to retrieve name: String ): [KeyValue] # When this instance was created created: String # When this instance's details was last updated updated: String # Whether this instance is a Docker container, if present docker: Boolean # The IP addresses this instance has ips: [String] # The networks of the nics this instance has networks: [Network] # IP address of the primary nic of this instance primary_ip: String # Whether firewall rules are enforced on this instance firewall_enabled: Boolean # List of FirewallRules affecting this machine firewall_rules( # Unique identifier for this rule id: ID ): [FirewallRule] # UUID of the server on which the instance is located compute_node: ID # The id or name of the package used to create this instance package: Package # The snapshots based on this instance snapshots( # Snapshot name name: String ): [Snapshot] # Provides a list of an instance's accomplished actions. Results are sorted from newest to oldest action actions: [Action] } type Package { # Unique id for this package id: ID # The "friendly" name for this package name: String # How much memory will by available (in MiB) memory: Int # How much disk space will be available (in MiB) disk: Int # How much swap space will be available (in MiB) swap: Int # Maximum number of light-weight processes (threads) allowed lwps: Int # Number of vCPUs for this package vcpus: Int # The version of this package version: String # The group this package belongs to group: String # A human-friendly description about this package description: String } enum ImageErrorCode { # This typically means that the target KVM VM (e.g. Linux) has old guest # tools that pre-date the image creation feature. Guest tools can be upgraded # with installers at https://download.joyent.com/pub/guest-tools/. Other # possibilities are: a boot time greater than the 5 minute timeout or a bug # or crash in the image preparation script. PREPARE_IMAGE_DID_NOT_RUN # Origin image data could not be found for the VM. Either the link to the image from which the VM was created has been broken (e.g. via 'zfs promote' or migration, see SYSOPS-6491) or there is some problem in either the 'image_uuid' value from vmadm get or in imgadm's DB of manifest info for that image. VS_HAS_NO_ORIGIN # Indicates an error due to functionality that isn't currently supported. One example is that custom image creation of a VM based on a custom image isn't currently supported. NOT_SUPPORTED } # An object providing details on failure of some asynchronous image action. Currently this is used during CreateImageFromVm. It is only present with state == 'failed' type ImageError { code: ImageErrorCode # A short description of the image creation failure message: String } # The current state of the image enum ImageState { # The image is ready for use, i.e. VMs can be provisioned using this image. ACTIVE # The image has not yet been activated. See ActivateImage. UNACTIVATED # The image is disabled. This will be the state if the image is activated, but also disabled == true. See EnableImage and DisableImage. DISABLED # A state for a placeholder image while an image is being asynchronously created. This is used during CreateImageFromVm. CREATING # A state for a placeholder image indicating that asynchronous image creation failed. See the error field for details. FAILED } # The type of file compression used by an image file enum ImageFileCompression { BZIP2 GZIP NONE } type ImageFile { # SHA-1 hex digest of the file content. Used for upload/download corruption checking. sha1: ID # Number of bytes. Maximum 20GiB. This maximum is meant to be a "you'll never hit it" cap, the purpose is to inform cache handling in IMGAPI servers. size: Int # The type of file compression used by the file. One of 'bzip2', 'gzip', 'none'. compression: ImageFileCompression # Optional. The ZFS internal unique identifier for this dataset's snapshot (available via zfs get guid SNAPSHOT, e.g. zfs get guid zones/f669428c-a939-11e2-a485-b790efc0f0c1@final). If available, this is used to ensure a common base snapshot for incremental images (via imgadm create -i) and VM migrations (via vmadm send/receive). dataset_guid: ID # Only included if ?inclAdminFields=true is passed to GetImage/ListImages. The IMGAPI storage type used to store this file. stor: String } # Brands are related to the type of virtualization used among other factors enum Brand { JOYENT JOYENT_MINIMAL LX KVM } # A grouping of various requirements for provisioning a VM with this image type ImageRequirements { # An array describing the minimum number of network interfaces networks: [Network] # Defines the SmartOS "brand" that is required to provision with this image brand: Brand # A boolean indicating that provisioning with this image requires that an SSH public key be provided ssh_key: Boolean # `min_ram` is an integer number of MiB specifying the minimum RAM required to provision this image min_ram: Int # `max_ram` is an integer number of MiB specifying the maximum RAM this image may provisioned with max_ram: Int # `min_platform` defines the minimum required SmartOS platform on which this image can be used (and hence in SDC on which it will be provisioned) min_platform: [KeyValue] # `max_platform` defines the maximum allowed SmartOS platform on which this image can be used (and hence in SDC on which it will be provisioned) max_platform: [KeyValue] } # The type of the image file enum ImageType { # a ZFS dataset used to create a new SmartOS zone ZONE_DATASET # a dataset used to create a Lx-brand zone LX_DATASET # a KVM virtual machine image ZVOL # a Docker image DOCKER # an image that serves any other specific purpose OTHER } # The operating system of the image file enum ImageOS { # SmartOS SMARTOS # Linux, e.g. CentOS, Ubuntu, etc. LINUX # A Microsoft Windows OS image WINDOWS # FreeBSD/netBSD BSD # Illumos ILLUMOS # A catch-all for other operating systems OTHER } # An image contains the software packages that will be available on newly-provisioned instance. In the case of hardware virtual machines, the image also includes the operating system type Image { # Unique id for this image id: ID # The "friendly" name for this image' name: String # The underlying operating system for this image' os: ImageOS # The version for this image' version: String # What kind of image this is. The values differ after v8.0.0+ type: ImageType # Contains a grouping of various minimum requirements for provisioning an instance with this image. For example "password" indicates that a password must be provided requirements: ImageRequirements # The URL for a web page with more detailed information for this image homepage: String # An array of image files that make up each image. Currently only a single file per image is supported files: [ImageFile] # The time this image has been made publicly available published_at: String # The UUID of the user who owns this image owner: ID # Indicates if this image is publicly available public: Boolean # The current state of the image. One of "active", "unactivated", "disabled", "creating", "failed" state: ImageState # An object of key/value pairs that allows clients to categorize images by any given criteria tags: [KeyValue] # URL of the End User License Agreement (EULA) for the image eula: String # Access Control List. An array of account UUIDs given access to a private image. The field is only relevant to private images acl: [User] # If state==FAILED, resulting from CreateImageFromMachine failure, then there may be an error object of the form {"code": "", "message": ""} error: ImageError } type Datacenter { # Location of the datacenter name: String url: String } input KeyValueInput { name: String! value: String! } type KeyValue { id: ID! name: String! value: String! } # Policies are lists of rules that describe access to resources type Policy { # Unique id for this policy id: ID # The policy name name: String # One or more Aperture sentences applying to the policy rules: [String] # A description for this policy description: String } # Roles are lists of users and policies. Roles describe which users are allowed access according to the policies type Role { # Unique id for this role id: ID # The role name name: String # This account's policies which this role obeys policies: [Policy] # This account's user logins this role applies to members: [User] # This account's user logins this role applies to by default default_members: [User] } type Key { # Name for this key name: String # Key fingerprint fingerprint: String # Public key in OpenSSH format value: String } type User { # Unique id for this user/account id: ID # Account/Sub-user login name login: String # Email address email: String company_name: String first_name: String @fake(type: firstName) last_name: String address: String postal_code: String city: String state: String country: String phone: String # When this user/account was created created: String # When this user/account's details was last updated updated: String # true if Triton CNS is enabled for account triton_cns_enabled: Boolean # lists all public keys we have on record for the specified account user keys( # name of the key to filter name: String ): [Key] } type Query { # Retrieves your account details account: User # Lists all public keys we have on record for the specified account keys( # only retrieve keys from specified username login: String # name of the key to filter name: String ): [Key] # Retrieves the record for an individual key key( # name of the key to retrieve name: String! # only retrieve keys from specified username. required for sub-users login: String ): Key # Returns a list of an account's user objects users( # user id to filter id: ID ): [User] # Get one user for an account user( # username of user to filter id: ID! ): User # Returns an array of account roles roles( # filter by role `id` id: ID # filter by role `name` name: String ): [Role] # Get an account role (`:role`) by `id` or `name` role( # retrieve role with `id` id: ID # retrieve role with `name` name: String ): Role # Retrieves a list of account policies policies( # filter by policy `id` id: ID ): [Policy] # Get an account policy (`:policy`) by `id` policy( # retrieve policy with `id` id: ID! ): Policy # Outputs configuration for your account config: [KeyValue] # Provides a list of all datacenters this cloud is aware of datacenters: [Datacenter] # Provides the URL endpoints for services for this datacenter. It is a mapping of service name to URL endpoint. services: [KeyValue] # Provides a list of images available in this datacenter images( # The id of this image id: ID # The "friendly" name for this image name: String # The underlying operating system for this image os: ImageOS # The version for this image version: String # Filter public/private images public: Boolean # Filter on image state. By default only active images are shown. Use ALL to list all images state: ImageState # Filter on owner UUID owner: ID # Filter on image type type: ImageType ): [Image] # Gets an individual image by id image( # Unique id of this image id: ID ): Image # Provides a list of packages available in this datacenter packages( # The id of for this package id: ID # The "friendly" name for this package name: String # How much memory will by available (in MiB) memory: Int # How much disk space will be available (in MiB) disk: Int # How much swap space will be available (in MiB) swap: Int # Maximum number of light-weight processes (threads) allowed lwps: Int # Number of vCPUs for this package vcpus: Int # The version of this package version: String # The group this package belongs to group: String ): [Package] # Gets a package by `name` or `id` package( # The id of for this package id: ID # The "friendly" name for this package name: String ): Package # Lists all instances we have on record for your account machines( # The id of for this machine id: ID # The type of instance (e.g. lx) brand: Brand # Machine name to find (will make your list size 1, or 0 if nothing found) name: String # Image id; returns instances provisioned with that image image: ID # The current state of the instance (e.g. running) state: MachineState # The current size of the RAM deployed for the instance (in MiB) memory: Int # Include destroyed and failed instances available in instance history tombstone: Boolean # Return a max of N instances; default is 1000 (which is also the maximum allowable result set size) limit: Int # Get a limit number of instances starting at this offset offset: Int # Whether to only list Docker instances, or only non-Docker instances, if present. Defaults to showing all instances docker: Boolean # Whether to include the generated credentials for instances, if present. Defaults to false credentials: Boolean # An arbitrary set of tags can be used for querying tags: [KeyValueInput] ): [Machine] # Gets the details for an individual instance. Deleted instances are returned only if the instance history has not been purged from Triton machine( # The id of for this machine id: ID ): Machine # Lists all snapshots taken for a given machine snapshots( # Snapshot id name: ID # Machine id machine: ID! ): [Snapshot] # Gets the state of the named snapshot snapshot( # Machine id machine: ID! # Snapshot name name: String! ): Snapshot # Returns the complete set of metadata associated with a given machine metadata( # Machine id machine: ID! # Whether or not to return instance credentials. Defaults to false credentials: Boolean # Name of metadata value to retrieve name: String ): [KeyValue] # Gets the state of the named snapshot metadataValue( # Machine id machine: ID! # Name of metadata value to retrieve name: String ): KeyValue # Returns the complete set of tags associated with this machine tags( # Machine id machine: ID! # Name of tag value to retrieve name: String ): [KeyValue] # Returns the value for a single tag on this machine tag( # Machine id machine: ID! # Name of tag value to retrieve name: String ): KeyValue # Provides a list of an instance's accomplished actions. Results are sorted from newest to oldest action. Note that the complete audit trail is returned only if the instance history and job records have not been purged from Triton. actions( # Machine id machine: ID! ): [Action] # List all firewall rules for the current account # # Arguments # id: # machine: firewall_rules( # Unique identifier for this rule id: ID # Machine id machine: ID ): [FirewallRule] # Retrieves an individual firewall rule firewall_rule( # Unique identifier for this rule id: ID! ): FirewallRule # List all vlans for the current account vlans( # Unique identifier for this vlan id: ID ): [VLAN] # Retrieves an individual vlan vlan( # Unique identifier for this vlan id: ID! ): VLAN # Lists all of the networks. If the vlan parameter is specified, then only fabric networks are returned networks( id: ID # VLAN id vlan: ID ): [Network] # Retrieves an individual network rule network( id: ID! # VLAN id vlan: ID ): Network # List all the NICs on an instance nics( # Machine id machine: ID! # NIC's MAC address mac: String ): [NIC] # Gets a specific NIC on an instance nic( # Machine id machine: ID! # NIC's MAC address mac: String! ): [NIC] } type Mutation { # Update your account details updateAccount( # Email address email: String companyName: String firstName: String lastName: String address: String postalCode: String city: String state: String country: String phone: String # Enable or disable the Triton CNS triton_cns_enabled: Boolean ): User # Uploads a new OpenSSH key to Triton for use in HTTP signing and SSH. createKey( # User id. Use this for sub-user keys user: ID # Name for this key name: String # OpenSSH formatted public key fingerprint: String! ): Key # Deletes a single SSH key, by name or fingerprint deleteKey( # User id. Use this for sub-user keys user: ID # Name for this key name: String # OpenSSH formatted public key fingerprint: String ): Key # Creates a new user under an account createUser( # Email address email: String # Username login: String # Password password: String companyName: String firstName: String lastName: String address: String postalCode: String city: String state: String country: String phone: String ): User # Update a user's modifiable properties updateUser( id: ID! login: String email: String companyName: String firstName: String lastName: String address: String postalCode: String city: String state: String country: String phone: String ): User # This is a separate rule for password changes, so different policies can be used for an user trying to modify other data, or only their own password changeUserPassword( id: ID! password: String password_confirmation: String ): User # Remove a user deleteUser(id: ID!): User # Create a new role for your account createRole( # The role's name name: String # This account's policies to be given to this role policies: [ID] # This account's user logins to be added to this role members: [ID] # This account's user logins to be added to this role and have it enabled by default default_members: [ID] ): Role # Modifies an account role. Anything but id can be modified updateRole( # Role id id: ID! # The role's name name: String # This account's policies to be given to this role policies: [ID] # This account's user logins to be added to this role members: [ID] # This account's user logins to be added to this role and have it enabled by default default_members: [ID] ): Role # Remove a role deleteRole( # Role id id: ID! ): Role # Creates a new account policy createPolicy( # The policy name name: String # One or more Aperture sentences to be added to the current policy rules: [String]! # A description for this policy description: String ): Policy # Upgrades an existing account policy. Everything but id can be modified. updatePolicy( # Policy id id: ID! # The policy name name: String # One or more Aperture sentences to be added to the current policy rules: [String] # A description for this policy description: String ): Policy # Delete an RBAC policy deletePolicy( # Policy id id: ID! ): Policy # Updates configuration values for your account updateConfig( # ID of the network used for provisioning docker containers default_network: String ): [KeyValue] # Delete an image. Caller must be the owner of the image to delete it deleteImage( # Image id id: ID ): Image # Exports an image to the specified Manta path. Caller must be the owner of the image, and the correspondent Manta path prefix, in order to export it # # Arguments # id: exportImage( # Manta path prefix used when exporting the image manta_path: String! ): MantaLocation # Create a new custom image from an instance createImageFromMachine( # The prepared and stopped instance UUID from which the image is to be created machine: ID! # The name of the custom image, e.g. "my-image" name: String! # The version of the custom image, e.g. "1.0.0" version: String! # The image description description: String # The image homepage homepage: String # The image eula eula: String # The image acl acl: String # The image tags tags: [KeyValueInput] ): Image # Create a new custom image from an instance updateImage( # Image id id: ID! # The name of the custom image, e.g. "my-image" name: String! # The version of the custom image, e.g. "1.0.0" version: String! # The image description description: String # The image homepage homepage: String # The image eula eula: String # The image acl acl: String # The image tags tags: [KeyValueInput] ): Image # Allows you to provision an instance. # # If you do not specify a name, CloudAPI will generate a random one for you. If you have enabled Triton CNS on your account, this name will also be used in DNS to refer to the new instance (and must therefore consist of DNS-safe characters only). # # Your instance will initially be not available for login (Triton must provision and boot it); you can poll [GetMachine](https://apidocs.joyent.com/cloudapi/#GetMachine) for its status. When the `state` field is equal to `running`, you can log in. If the instance is a `brand` other than `kvm`, you can usually use any of the SSH keys managed under the [keys section](https://apidocs.joyent.com/cloudapi/#keys) of CloudAPI to login as any POSIX user on the OS. You can add/remove keys over time, and the instance will automatically work with that set. # # If the the instance has a brand `kvm`, and of a UNIX-derived OS (e.g. Linux), you must have keys uploaded before provisioning; that entire set of keys will be written out to `/root/.ssh/authorized_keys` in the new instance, and you can SSH in using one of those keys. Changing the keys over time under your account will not affect a running hardware virtual machine in any way; those keys are statically written at provisioning-time only, and you will need to manually manage them on the instance itself. # # If the image you create an instance from is set to generate passwords for you, the username/password pairs will be returned in the metadata response as a nested object, like so: # # ```json # "metadata": { # "credentials": { # "root": "s8v9kuht5e", # "admin": "mf4bteqhpy" # } # } # ``` # # You cannot overwrite the `credentials` key in CloudAPI. # # More generally, the metadata keys can be set either at the time of instance creation, or after the fact. You must either pass in plain-string values, or a JSON-encoded string. On metadata retrieval, you will get a JSON object back. # # Networks can be specified using the networks attribute. If it is absent from the input, the instance will default to attaching to one externally-accessible network (it will have one public IP), and one internally-accessible network from the datacenter network pools. It is possible to have an instance attached to only an internal network, or both public and internal, or just external. # # Be aware that CreateMachine does not return IP addresses or networks. To obtain the IP addresses and networks of a newly-provisioned instance, poll [GetMachine](https://apidocs.joyent.com/cloudapi/#GetMachine) until the instance state is `running`. # # Typically, Triton will allocate the new instance somewhere reasonable within the cloud. See [affinity rules](https://apidocs.joyent.com/cloudapi/#affinity-rules) below for options on controlling server placement of new instances. # # When Triton CNS is enabled, the DNS search domain of the new VM will be automatically set to the suffix of the "instance" record that is created for that VM. For example, if the full CNS name of the new VM would be "foo.inst.35ad1ec4-2eab-11e6-ac02-8f56c66976a1.us-west-1.triton.zone", its automatic DNS search path would include "inst.35ad1ec4-2eab-11e6-ac02-8f56c66976a1.us-west-1.triton.zone". This can be changed later within the instance, if desired. createMachine( # Friendly name for this instance; default is the first 8 characters of the machine id. If the name includes the string {{shortId}}, any instances of that tag within the name will be replaced by the first 8 characters of the machine id. name: String # Id of the package to use on provisioning, obtained from ListPackages package: ID # The image UUID image: ID # Desired networks ids networks: [ID] # Optional array of affinity rules affinity: [AffinityRule] # An arbitrary set of metadata key/value pairs can be set at provision time, but they must be prefixed with "metadata" metadata: [KeyValueInput] # An arbitrary set of tags can be set at provision time, but they must be prefixed with "tag" tag: [KeyValueInput] # Completely enable or disable firewall for this instance. Default is false firewall_enabled: Boolean ): Machine # Allows you to shut down an instance stopMachine( # Machine id id: ID! ): Machine # Allows you to boot up an instance startMachine( # Machine id id: ID! ): Machine # Allows you to reboot an instance rebootMachine( # Machine id id: ID! ): Machine # Resize an instance to a new package # # Resizing is only supported for containers (instances which are not hardware virtual machines -- they have brand=kvm). Hardware virtual machines cannot be resized. Resizing is not guaranteed to work, especially when resizing upwards in resources. It is best-effort, and may fail. Resizing downwards will usually succeed. resizeMachine( # Machine id id: ID! # Package id package: ID! ): Machine # Allows you to rename an instance renameMachine( # Machine id id: ID! # Package id name: String! ): Machine # Allows you to enable the firewall for an instance enableMachineFirewall( # Machine id id: ID! ): Machine # Allows you to take a snapshot of an instance. Once you have one or more snapshots, you can boot the instance from a previous snapshot. Snapshots are not usable with other instances; they are a point-in-time snapshot of the current instance. Snapshots can also only be taken of instances that are not of brand 'kvm'. createMachineSnapshot( # Machine id id: ID! name: String ): Snapshot # If an instance is in the 'stopped' state, you can choose to start the instance from the referenced snapshot. This is effectively a means to roll back instance state. startMachineFromSnapshot( # Machine id id: ID! snapshot: ID! ): Machine # Deletes the specified snapshot of an instance deleteMachineSnapshot( # Machine id id: ID! snapshot: ID! ): Snapshot # Allows you to update the metadata for a given instance. Note that updating the metadata via CloudAPI will result in the metadata being updated in the running instance. The semantics of this call are subtly different that the AddMachineTags call -- any metadata keys passed in here are created if they do not exist, and overwritten if they do. updateMachineMetadata( # Machine id id: ID! # Metadata key value pairs metadata: [KeyValueInput] ): Machine # Deletes a single metadata key from this instance deleteMachineMetadata( # Machine id id: ID! # Metadata key key: String! ): String # Deletes all metadata keys from this instance deleteAllMachineMetadata( # Machine id id: ID! ): String # Set tags on the given instance. A pre-existing tag with the same name as one given will be overwritten addMachineTags( # Machine id id: ID! # key value pairs tags: [KeyValueInput]! ): Machine # Fully replace all tags on an instance with the given tags replaceMachineTags( # Machine id id: ID! # key value pairs tags: [KeyValueInput]! ): Machine # Deletes a single tag from this instance deleteMachineTag( # Machine id id: ID! # tag key tags: [KeyValueInput]! ): Machine # Deletes all tags from an instance deleteMachineTags( # Machine id id: ID! ): Machine # Allows you to completely destroy an instance deleteMachine( # Machine id id: ID! ): Machine # Adds a new firewall rule for the specified account. This rule will be added to all the account's instances where it may be necessary createFirewallRule( # Indicates if the rule is enabled (optional, false by default) enabled: Boolean # Firewall rule text rule: String! # Human-readable description for the rule description: String ): FirewallRule # Adds a new firewall rule for the specified account. This rule will be added to all the account's instances where it may be necessary updateFirewallRule( # Firewall rule id id: ID! # Indicates if the rule is enabled (false by default) enabled: Boolean # Firewall rule text rule: String # Human-readable description for the rule description: String ): FirewallRule # Enables the given firewall rule if it is disabled enableFirewallRule( # Firewall rule id id: ID! ): FirewallRule # Disables the given firewall rule if it is enabled disableFirewallRule( # Firewall rule id id: ID! ): FirewallRule # Removes the given firewall rule from all the required instances deleteFirewallRule( # Firewall rule id id: ID! ): FirewallRule # Creates a new VLAN on the fabric createVLAN( # A number from 0-4095 that indicates the VLAN's id id: Int! # A unique name to identify the VLAN name: String! # An optional description of the VLAN descritpion: String ): VLAN # Updates a fabric VLAN updateVLAN( # The VLAN id id: Int! # A unique name to identify the VLAN name: String # An optional description of the VLAN descritpion: String ): VLAN # Deletes the specified VLAN. Note there must be no networks on that VLAN in order for the VLAN to be deleted. deleteVLAN( # The VLAN id id: Int! ): VLAN # Create Fabric network createNetwork( # The network name; must be unique name: String! # Description of this network description: String # A CIDR formatted string that describes the network subnet: String! # The first IP on the network that may be assigned provision_start_ip: String # The last IP on the network that may be assigned provision_end_ip: String # Gateway IP address gateway: String # Optional resolver IP addresses resolvers: [String] # Optional Static routes for hosts on this network routes: [KeyValueInput] # Provision internet NAT zone on gateway address, default is true internet_nat: Boolean ): Network # Deletes the specified Network. Note that no instances may be provisioned on the Network deleteNetwork( # The network id id: ID ): Network # Creates a new NIC on an instance belonging to a given account # *WARNING*: this causes the instance to reboot while adding the NIC addNic( # Machine id machine: ID! # ID of network this NIC should attach to network: ID! ): NIC # Removes a NIC on an instance belonging to a given account # *WARNING*: this causes the instance to reboot while removing the NIC removeNic( # Machine id machine: ID # NIC mac address mac: String ): NIC } schema { query: Query mutation: Mutation }