1 命令

1.1 IKE策略

  • vpn-ikepolicy-create Create an IKEPolicy
  • vpn-ikepolicy-delete Delete a given IKE Policy.
  • vpn-ikepolicy-list List IKEPolicies that belong to a given tenant.
  • vpn-ikepolicy-show Show detailed information of a given IKEPolicy.
  • vpn-ikepolicy-update Update a given IKE Policy.

1.2 ipsec策略

  • vpn-ipsecpolicy-create Create an IPsec policy
  • vpn-ipsecpolicy-delete Delete a given IPsec Policy
  • vpn-ipsecpolicy-list List IPsecPolicies that belong to a given tenant * connection.
  • vpn-ipsecpolicy-show Show detailed information of a given IPsec Policy
  • vpn-ipsecpolicy-update Update a given IPsec Policy.

1.3 vpn服务

  • vpn-service-create Create a VPNService
  • vpn-service-delete Delete a given VPNService
  • vpn-service-list List all VPNService for a given tenant.
  • vpn-service-show Show detailed information of a given VPNService.
  • vpn-service-update Update a given VPNservice.

1.4 连接

  • ipsec-site-connection-create Create a ipsec-site-connection
  • ipsec-site-connection-delete Delete a given ipsec-site-connection.
  • ipsec-site-connection-list List ipsec-site-connections that belong to a given tenant.
  • ipsec-site-connection-show Show information of a given ipsec-site-connection.
  • ipsec-site-connection-update Update a given ipsec-site-connection.

2 API

2.1 IKE策略

获取IKE策略列表

GET
/v2.0/ikepolicies/

创建IKE策略

POST
/v2.0/ikepolicies

获取指定IKE策略

GET
/v2.0/ikepolicies/ikepolicy-id

更新指定IKE策略

UPDATE
/v2.0/ikepolicies/ikepolicy-id

删除IKE策略

DELETE
/v2.0/ikepolicies/ikepolicy-id

示例

创建IKE策略

发送参数

#!highlight javascript numbers=disable
POST /v1.0/ikepolicies
Accept: application/json
Content-Type: application/json
X-Auth-Token:xyz
Content-Length: abc {
"ikepolicy" : {
"name": "ikepolicy_1",
"auth-algorithm" : "sha1",
"encryption-algorithm" : "aes-256",
"phase1-negotiation-mode" : "main",
"lifetime": "units=seconds,value=28800",
"ike-version" : "v1",
"pfs": " Group5",
}
}

返回参数

#!highlight javascript numbers=disable
HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: abc {
"ikepolicy" : {
"id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
"tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
"name": "ikepolicy_1",
"auth-algorithm" : "sha1",
"encryption-algorithm" : "aes-256",
"phase1-negotiation-mode" : "main",
"lifetime": {
"units" : "seconds"
"value" : 28800,
}
"ike-version" : "v1",
"pfs": "Group5",
}
}

2.2 IPsec策略

获取ipsec策略列表

GET
/v2.0/ipsecpolicies/

创建ipsec策略

POST
/v2.0/ipsecpolicies

获取指定ipsec策略

GET
/v2.0/ipsecpolicies/ipsecpolicy-id

更新ipsec策略

UPDATE
/v2.0/ipsecpolicies/ipsecpolicy-id

删除ipsec策略

DELETE
/v2.0/ipsecpolicies/ipsecpolicy-id

示例

创建ipsec策略

发送参数json

#!highlight javascript numbers=disable
POST /v1.0/ipsecpolicies
Accept: application/json
Content-Type: application/json
X-Auth-Token:xyz
Content-Length: abc {
"ipsecpolicy" : {
"name": "ipsecpolicy_1",
"transform-protocol": "esp",
"auth-algorithm" : "sha1",
"encryption-algorithm" : "aes-256",
"encapsulation-mode" : "tunnel",
"lifetime": "units=seconds,value=28800",
"pfs": "Group5"
}
}

返回数据json

#!highlight javascript numbers=disable
HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: abc {
"ipsecpolicy" : {
"id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
"tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",
"name": "ipsecpolicy_1",
"transform-protocol": "esp",
"auth-algorithm" : "sha1",
"encryption-algorithm" : "aes-256",
"encapsulation-mode" : "tunnel",
"lifetime": {
"units" : "seconds"
"value" : 28800,
}
"pfs": "Group5"
}
}

2.3 VPN服务

获取vpn服务列表

GET
/v2.0/vpnservices/

获取指定vpn服务

GET
/v2.0/vpnservices/vpnservice-id

创建vpn服务

POST
/v2.0/vpnservices

更新指定vpn服务

UPDATE
/v2.0/vpnservices/vpnservice-id

删除vpn服务 DELETE /v2.0/vpnservices/vpnservice-id

示例

创建vpn服务

发送数据json

#!highlight javascript numbers=disable
POST /v1.0/vpnservices
Content-Type: application/json
Accept: application/json
X-Auth-Token:xyz
Content-Length: abc {
"vpnservice": { "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
"name": "cloud_vpn",
"subnet": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
"router": "8acda86a-f8c3-42ed-afce-d7954eee77b3",
}
}

返回数据json

#!highlight javascript numbers=disable
HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: abc {
"vpnservice": {
"id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
"tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",
"name": "cloud_vpn",
"subnet-id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
"router-id": "8acda86a-f8c3-42ed-afce-d7954eee77b3",
"admin_state_up": true,
"status": "PENDING_CREATE"
}
}

2.4 连接服务

获取连接列表

GET
/v2.0/ipsec-site-connections/

创建连接

POST
/v2.0/ipsec-site-connections

获取指定连接

GET
/v2.0/ipsec-site-connections/ipsec-site-connection-id

更新连接

UPDATE
/v2.0/ipsec-site-connections/ipsec-site-connection-id

删除连接

DELETE
/v2.0/ipsec-site-connections/ipsec-site-connection-id

示例

创建连接

发送数据json

#!highlight javascript numbers=disable
POST /v1.0/ipsec-site-connections
Accept: application/json
Content-Type: application/json
X-Auth-Token:xyz
Content-Length: abc {
"ipsec_site_connection" : {
"name": "ipsec_connection_1",
"peer-address": "192.168.2.255",
"peer-id" : "192.168.2.255",
"peer-cidr" : "10.30.2.0/24",
"dpd": "action=hold,interval=20,timeout=120",
"mtu": "1500",
"psk": "bla_bla_bla",
"initiator": "bi-directional",
"vpnservice-id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
"ikepolicy-id": "03299abc-16f5-4917-bf19-c40a9af805ed",
"ipsecpolicy-id": "0dbc1234-16f5-4917-bf19-c40a9af805ed"
}
}

返回数据json

#!highlight javascript numbers=disable
HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: abc {
"ipsec_site_connection" : {
"id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
"tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",
"name": "ipsec_connection_1",
"peer-address": "192.168.2.255",
"peer-id" : "192.168.2.255",
"peer-cidr" : "10.30.2.0/24",
"dpd": {
"action" : "hold"
"interval" : 20,
"timeout" : 120,
}
"mtu": "1500",
"psk": "bla_bla_bla",
"initiator": "bi-directional",
"vpnservice-id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
"ikepolicy-id": "03299abc-16f5-4917-bf19-c40a9af805ed",
"ipsecpolicy-id": "0dbc1234-16f5-4917-bf19-c40a9af805ed",
"admin_state_up": true,
"status": "PENDING_CREATE"
}
}

OpenStack-Neutron-VPNaaS-API的更多相关文章

  1. Openstack Neutron OVS ARP Responder

    ARP – Why do we need it? In any environment, be it the physical data-center, your home, or a virtual ...

  2. 深入浅出新一代云网络——VPC中的那些功能与基于OpenStack Neutron的实现(一)

    VPC的概念与基于vxlan的overlay实现很早就有了,标题中的"新"只是一个和传统网络的相对概念.但从前年开始,不同于以往基础网络架构的新一代SDN网络才真正越来越多的走进国 ...

  3. [转] OpenStack IPSec VPNaaS

    OpenStack IPSec VPNaaS ( by quqi99 ) 作者:张华  发表于:2013-08-03版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声 ...

  4. openstack neutron L3 HA

    作者:Liping Mao  发表于:2014-08-20 版权声明:能够随意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声明 近期Assaf Muller写了一篇关于Neutro ...

  5. openstack Neutron分析(3)—— neutron-dhcp-agent源码分析

    1.neutron dhcp3个主要部件分别为什么?2.dhcp模块包含哪些内容?3.Dnsmasq配置文件是如何创建和更新的?4.DHCP agent的信息存放在neutron数据库的哪个表中? 扩 ...

  6. OpenStack Neutron 之 Load Balance

    OpenStack Neutron 之 Load Balance 负载均衡(Load Balance)是 OpenStack Neutron 支持的功能之一.负载均衡能够将网络请求分发到多个实际处理请 ...

  7. openstack——neutron网络服务

    一.neutron 介绍:   Neutron 概述 传统的网络管理方式很大程度上依赖于管理员手工配置和维护各种网络硬件设备:而云环境下的网络已经变得非常复杂,特别是在多租户场景里,用户随时都可能需要 ...

  8. Openstack Neutron:三层技术和实现

    目录 - 1.Neutron 三层技术简介 - 2.集中式router - 1.在节点上安装L3 agent - 2.配置外部网络 - 3.通过CLI或者Horizon 来创建路由 - 4.连接租户网 ...

  9. Openstack neutron:云数据中心底层网络架构

    目录 - 目录 - 云数据中心流量类型 - NSX整体网络结构 - 管理网络(API网络) - 租户网络 - 外联网络 - 存储网络 - openstack整体网络结构 - 管理网络:(上图中蓝线) ...

  10. Openstack Neutron L2 Population

    Why do we need it, whatever it is? VM unicast, multicast and broadcast traffic flow is detailed in m ...

随机推荐

  1. idea中git颜色不显示或者文件右键没有git按钮解决方法

    VCS--->Enable Version Control Integration,然后选择git就可以了

  2. Transaction rolled back because it has been marked as rollback-only分析解决方法

    1. Transaction rolled back because it has been marked as rollback-only事务已回滚,因为它被标记成了只回滚<prop key= ...

  3. vscode切换界面布局

    调整vscode的控制面板位置 鼠标操作 view>Appearance>Toggle Panel Position   调整控制面板在界面底部 或者界面右侧 2.编辑区分布 鼠标操作 v ...

  4. K8s(2)-部署应用

    一旦运行了Kubernetes集群,就可以在其上部署容器化应用程序.为此,您需要创建Kubernetes Deployment配置.Deployment指示Kubernetes如何创建和更新应用程序的 ...

  5. C++学习 —— 灵活的继承特性

    0.继承与算法开发 在之前的笔记中,我展示了来自继承的威力.继承这种机制能够大幅度减小编码量,子类可以继承父类所有的变量,方法.利用这种机制,我们可以在其他人工作的基础上,完成有自己特色的部分.比如我 ...

  6. Java课程寒假之《人月神话》有感之一

    一.焦油坑 以前上课的时候,老师讲过早期的程序由于工作量不大,大多只需要几个人完成,随着软件规模的不断扩大,代码量直线上升,仅仅一两个人可能没有办法完成这样的任务,多以开始形成了团队的规模,焦油坑说的 ...

  7. nvm的安装

    安装前可先卸载原来的node, npm, 安装成功后,可用nvm装node 一.用nvm-noinstall.zip安装 1.nvm-windows 下载 https://github.com/cor ...

  8. easywechat (在thinkphp5中使用easywechat完成微信网页认证)

    由于在easywechat中没有提及在thinkphp中的使用,后来我在http://www.thinkphp.cn/topic/45416.html中找到了有人已经封装了一下,我把自己使用的过程写下 ...

  9. 【Java线程安全】 — ThreadLocal

    [用法] 首先明确,ThreadLocal是用空间换时间来解决线程安全问题的,方法是各个线程拥有自己的变量副本. 既然如此,那么是涉及线程安全,必然有一个共享变量,我给大家声明一个: public c ...

  10. filter滤镜效果(css3属性)

    <!DOCTYPE html> <html> <head> <style> img { width: 33%; height: auto; float: ...