1 命令

1.1 IKE策略

  • vpn-ikepolicy-create Create an IKEPolicy
  • vpn-ikepolicy-delete Delete a given IKE Policy.
  • vpn-ikepolicy-list List IKEPolicies that belong to a given tenant.
  • vpn-ikepolicy-show Show detailed information of a given IKEPolicy.
  • vpn-ikepolicy-update Update a given IKE Policy.

1.2 ipsec策略

  • vpn-ipsecpolicy-create Create an IPsec policy
  • vpn-ipsecpolicy-delete Delete a given IPsec Policy
  • vpn-ipsecpolicy-list List IPsecPolicies that belong to a given tenant * connection.
  • vpn-ipsecpolicy-show Show detailed information of a given IPsec Policy
  • vpn-ipsecpolicy-update Update a given IPsec Policy.

1.3 vpn服务

  • vpn-service-create Create a VPNService
  • vpn-service-delete Delete a given VPNService
  • vpn-service-list List all VPNService for a given tenant.
  • vpn-service-show Show detailed information of a given VPNService.
  • vpn-service-update Update a given VPNservice.

1.4 连接

  • ipsec-site-connection-create Create a ipsec-site-connection
  • ipsec-site-connection-delete Delete a given ipsec-site-connection.
  • ipsec-site-connection-list List ipsec-site-connections that belong to a given tenant.
  • ipsec-site-connection-show Show information of a given ipsec-site-connection.
  • ipsec-site-connection-update Update a given ipsec-site-connection.

2 API

2.1 IKE策略

获取IKE策略列表

GET

/v2.0/ikepolicies/

创建IKE策略

POST

/v2.0/ikepolicies

获取指定IKE策略

GET

/v2.0/ikepolicies/ikepolicy-id

更新指定IKE策略

UPDATE

/v2.0/ikepolicies/ikepolicy-id

删除IKE策略

DELETE

/v2.0/ikepolicies/ikepolicy-id

示例

创建IKE策略

发送参数

#!highlight javascript numbers=disable

POST /v1.0/ikepolicies

Accept: application/json

Content-Type: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "ikepolicy" : {

            "name": "ikepolicy_1",

            "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "phase1-negotiation-mode" : "main",

        "lifetime": "units=seconds,value=28800",

            "ike-version" : "v1",

            "pfs": " Group5",

           }

}

返回参数

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

"ikepolicy" : {

            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",

            "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",

            "name": "ikepolicy_1",

            "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "phase1-negotiation-mode" : "main",

        "lifetime": {

                      "units" : "seconds"

                      "value" : 28800,

             }

            "ike-version" : "v1",

            "pfs": "Group5",

        }

}

2.2 IPsec策略

获取ipsec策略列表

GET

/v2.0/ipsecpolicies/

创建ipsec策略

POST

/v2.0/ipsecpolicies

获取指定ipsec策略

GET

/v2.0/ipsecpolicies/ipsecpolicy-id

更新ipsec策略

UPDATE

/v2.0/ipsecpolicies/ipsecpolicy-id

删除ipsec策略

DELETE

/v2.0/ipsecpolicies/ipsecpolicy-id

示例

创建ipsec策略

发送参数json

#!highlight javascript numbers=disable

POST /v1.0/ipsecpolicies

Accept: application/json

Content-Type: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "ipsecpolicy" : {

            "name": "ipsecpolicy_1",

            "transform-protocol": "esp",

        "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "encapsulation-mode" : "tunnel",

            "lifetime": "units=seconds,value=28800",

            "pfs": "Group5"

          }

}

返回数据json

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

  "ipsecpolicy" : {

            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",

            "tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",

            "name": "ipsecpolicy_1",

            "transform-protocol": "esp",

        "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "encapsulation-mode" : "tunnel",

             "lifetime": {

                      "units" : "seconds"

                      "value" : 28800,

             }

            "pfs": "Group5"

       }

}

2.3 VPN服务

获取vpn服务列表

GET

/v2.0/vpnservices/

获取指定vpn服务

GET

/v2.0/vpnservices/vpnservice-id

创建vpn服务

POST

/v2.0/vpnservices

更新指定vpn服务

UPDATE

/v2.0/vpnservices/vpnservice-id

删除vpn服务 DELETE /v2.0/vpnservices/vpnservice-id

示例

创建vpn服务

发送数据json

#!highlight javascript numbers=disable

POST /v1.0/vpnservices

Content-Type: application/json

Accept: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "vpnservice": {

           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",

           "name": "cloud_vpn",

           "subnet": "96a4386a-f8c3-42ed-afce-d7954eee77b3",

       "router": "8acda86a-f8c3-42ed-afce-d7954eee77b3",

           }

}

返回数据json

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

  "vpnservice": {

           "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",

           "tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",

           "name": "cloud_vpn",

           "subnet-id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",

       "router-id": "8acda86a-f8c3-42ed-afce-d7954eee77b3",

           "admin_state_up": true,

           "status": "PENDING_CREATE"

           }

}

2.4 连接服务

获取连接列表

GET

/v2.0/ipsec-site-connections/

创建连接

POST

/v2.0/ipsec-site-connections

获取指定连接

GET

/v2.0/ipsec-site-connections/ipsec-site-connection-id

更新连接

UPDATE

/v2.0/ipsec-site-connections/ipsec-site-connection-id

删除连接

DELETE

/v2.0/ipsec-site-connections/ipsec-site-connection-id

示例

创建连接

发送数据json

#!highlight javascript numbers=disable

POST /v1.0/ipsec-site-connections

Accept: application/json

Content-Type: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "ipsec_site_connection" : {

            "name": "ipsec_connection_1",

            "peer-address": "192.168.2.255",

            "peer-id" : "192.168.2.255",

        "peer-cidr" : "10.30.2.0/24",

            "dpd": "action=hold,interval=20,timeout=120",

           "mtu": "1500",

           "psk": "bla_bla_bla",

           "initiator": "bi-directional",

           "vpnservice-id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",

            "ikepolicy-id": "03299abc-16f5-4917-bf19-c40a9af805ed",

            "ipsecpolicy-id": "0dbc1234-16f5-4917-bf19-c40a9af805ed"

         }

}

返回数据json

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

  "ipsec_site_connection" : {

            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",

            "tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",

            "name": "ipsec_connection_1",

            "peer-address": "192.168.2.255",

            "peer-id" : "192.168.2.255",

        "peer-cidr" : "10.30.2.0/24",

            "dpd": {

                      "action" : "hold"

                      "interval" : 20,

                      "timeout" : 120,

             }

           "mtu": "1500",

           "psk": "bla_bla_bla",

           "initiator": "bi-directional",

            "vpnservice-id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",

            "ikepolicy-id": "03299abc-16f5-4917-bf19-c40a9af805ed",

            "ipsecpolicy-id": "0dbc1234-16f5-4917-bf19-c40a9af805ed",

            "admin_state_up": true,

            "status": "PENDING_CREATE"

          }

}

OpenStack-Neutron-VPNaaS-API的更多相关文章

  1. Openstack Neutron OVS ARP Responder

    ARP – Why do we need it? In any environment, be it the physical data-center, your home, or a virtual ...

  2. 深入浅出新一代云网络——VPC中的那些功能与基于OpenStack Neutron的实现(一)

    VPC的概念与基于vxlan的overlay实现很早就有了,标题中的"新"只是一个和传统网络的相对概念.但从前年开始,不同于以往基础网络架构的新一代SDN网络才真正越来越多的走进国 ...

  3. [转] OpenStack IPSec VPNaaS

    OpenStack IPSec VPNaaS ( by quqi99 ) 作者:张华  发表于:2013-08-03版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声 ...

  4. openstack neutron L3 HA

    作者:Liping Mao  发表于:2014-08-20 版权声明:能够随意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声明 近期Assaf Muller写了一篇关于Neutro ...

  5. openstack Neutron分析(3)—— neutron-dhcp-agent源码分析

    1.neutron dhcp3个主要部件分别为什么?2.dhcp模块包含哪些内容?3.Dnsmasq配置文件是如何创建和更新的?4.DHCP agent的信息存放在neutron数据库的哪个表中? 扩 ...

  6. OpenStack Neutron 之 Load Balance

    OpenStack Neutron 之 Load Balance 负载均衡(Load Balance)是 OpenStack Neutron 支持的功能之一.负载均衡能够将网络请求分发到多个实际处理请 ...

  7. openstack——neutron网络服务

    一.neutron 介绍:   Neutron 概述 传统的网络管理方式很大程度上依赖于管理员手工配置和维护各种网络硬件设备:而云环境下的网络已经变得非常复杂,特别是在多租户场景里,用户随时都可能需要 ...

  8. Openstack Neutron:三层技术和实现

    目录 - 1.Neutron 三层技术简介 - 2.集中式router - 1.在节点上安装L3 agent - 2.配置外部网络 - 3.通过CLI或者Horizon 来创建路由 - 4.连接租户网 ...

  9. Openstack neutron:云数据中心底层网络架构

    目录 - 目录 - 云数据中心流量类型 - NSX整体网络结构 - 管理网络(API网络) - 租户网络 - 外联网络 - 存储网络 - openstack整体网络结构 - 管理网络:(上图中蓝线) ...

  10. Openstack Neutron L2 Population

    Why do we need it, whatever it is? VM unicast, multicast and broadcast traffic flow is detailed in m ...

随机推荐

  1. Socket端口复用

    在网络应用中(如Java Socket Server),当服务关掉立马重启时,很多时候会提示端口仍被占用(因端口上有处于TIME_WAIT的连接).此时可通过 SO_REUSEADDR 参数( soc ...

  2. 使用Docker快速创建.Net Core2.0 Nginx负载均衡节点

    本文版权归博客园和作者吴双本人共同所有 转载和爬虫请注明原文地址 www.cnblogs.com/tdws 一.Self-Host Kestrel 1. 在vs2017中新建dotnet core2. ...

  3. 将RAC软件转换为单实例软件

    将RAC软件转换为单实例软件 http://blog.itpub.net/26736162/viewspace-2155632/ 1. Stop database and CRS on both no ...

  4. win10专业版密钥 亲测可用 不断更新

    DR9VN-GF3CR-RCWT2-H7TR8-82QGT 更新时间2018年10月11日

  5. Qt中关于QMouseEventbuttons()和QMouseEventbutton()的使用注意

    在进行QT程序开发中经常需要响应鼠标事件,在QWidget或QMainWindow的子类中可以重载如下鼠标事件实现自己需要的效果. virtual void mouseDoubleClickEvent ...

  6. 判断当前的Activity的是否处于栈顶

    lockAppName 是需要判断Activity的全称(包括包名). private boolean getTopApp(Context mContext) { String lockAppName ...

  7. vscode 同步配置

    按照插件完成配置之后,将token保存在本地,编辑配置文件:ctrl+3.sync高级选项.编辑本地扩展设置.将token粘贴进去即可,团队所有vscode均应该按照此配置来保持统一:

  8. 8051汇编:EQU指令

    关于EQU汇编指令 EQU是英文单词equal的缩写,因此我们也能对EQU指令有一个初步的认识:做等价替换使用. 在8051汇编语言中,EQU用于定义一个符号常量,其效果不会带来存储空间的占用(这和C ...

  9. 把Oracle由归档模式改为非归档模式

    把Oracle由归档模式改为非归档模式 开始–>运行命令cmd进入命令行模式 1. 使用命令sqlplus以无日志形式打开如下: sqlplus /nolog; 2. 连接数据库dev.worl ...

  10. pushd和popd

    [原文地址]   其实,很早就知道pushd和popd在linux中可以用来方便地在多个目录之间切换.那时比较浮躁,感觉切换目录没必要这么复杂.在实际中,发现通过使用pushd和popd能够极大地提高 ...