1 命令

1.1 IKE策略

  • vpn-ikepolicy-create Create an IKEPolicy
  • vpn-ikepolicy-delete Delete a given IKE Policy.
  • vpn-ikepolicy-list List IKEPolicies that belong to a given tenant.
  • vpn-ikepolicy-show Show detailed information of a given IKEPolicy.
  • vpn-ikepolicy-update Update a given IKE Policy.

1.2 ipsec策略

  • vpn-ipsecpolicy-create Create an IPsec policy
  • vpn-ipsecpolicy-delete Delete a given IPsec Policy
  • vpn-ipsecpolicy-list List IPsecPolicies that belong to a given tenant * connection.
  • vpn-ipsecpolicy-show Show detailed information of a given IPsec Policy
  • vpn-ipsecpolicy-update Update a given IPsec Policy.

1.3 vpn服务

  • vpn-service-create Create a VPNService
  • vpn-service-delete Delete a given VPNService
  • vpn-service-list List all VPNService for a given tenant.
  • vpn-service-show Show detailed information of a given VPNService.
  • vpn-service-update Update a given VPNservice.

1.4 连接

  • ipsec-site-connection-create Create a ipsec-site-connection
  • ipsec-site-connection-delete Delete a given ipsec-site-connection.
  • ipsec-site-connection-list List ipsec-site-connections that belong to a given tenant.
  • ipsec-site-connection-show Show information of a given ipsec-site-connection.
  • ipsec-site-connection-update Update a given ipsec-site-connection.

2 API

2.1 IKE策略

获取IKE策略列表

GET

/v2.0/ikepolicies/

创建IKE策略

POST

/v2.0/ikepolicies

获取指定IKE策略

GET

/v2.0/ikepolicies/ikepolicy-id

更新指定IKE策略

UPDATE

/v2.0/ikepolicies/ikepolicy-id

删除IKE策略

DELETE

/v2.0/ikepolicies/ikepolicy-id

示例

创建IKE策略

发送参数

#!highlight javascript numbers=disable

POST /v1.0/ikepolicies

Accept: application/json

Content-Type: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "ikepolicy" : {

            "name": "ikepolicy_1",

            "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "phase1-negotiation-mode" : "main",

        "lifetime": "units=seconds,value=28800",

            "ike-version" : "v1",

            "pfs": " Group5",

           }

}

返回参数

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

"ikepolicy" : {

            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",

            "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",

            "name": "ikepolicy_1",

            "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "phase1-negotiation-mode" : "main",

        "lifetime": {

                      "units" : "seconds"

                      "value" : 28800,

             }

            "ike-version" : "v1",

            "pfs": "Group5",

        }

}

2.2 IPsec策略

获取ipsec策略列表

GET

/v2.0/ipsecpolicies/

创建ipsec策略

POST

/v2.0/ipsecpolicies

获取指定ipsec策略

GET

/v2.0/ipsecpolicies/ipsecpolicy-id

更新ipsec策略

UPDATE

/v2.0/ipsecpolicies/ipsecpolicy-id

删除ipsec策略

DELETE

/v2.0/ipsecpolicies/ipsecpolicy-id

示例

创建ipsec策略

发送参数json

#!highlight javascript numbers=disable

POST /v1.0/ipsecpolicies

Accept: application/json

Content-Type: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "ipsecpolicy" : {

            "name": "ipsecpolicy_1",

            "transform-protocol": "esp",

        "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "encapsulation-mode" : "tunnel",

            "lifetime": "units=seconds,value=28800",

            "pfs": "Group5"

          }

}

返回数据json

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

  "ipsecpolicy" : {

            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",

            "tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",

            "name": "ipsecpolicy_1",

            "transform-protocol": "esp",

        "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "encapsulation-mode" : "tunnel",

             "lifetime": {

                      "units" : "seconds"

                      "value" : 28800,

             }

            "pfs": "Group5"

       }

}

2.3 VPN服务

获取vpn服务列表

GET

/v2.0/vpnservices/

获取指定vpn服务

GET

/v2.0/vpnservices/vpnservice-id

创建vpn服务

POST

/v2.0/vpnservices

更新指定vpn服务

UPDATE

/v2.0/vpnservices/vpnservice-id

删除vpn服务 DELETE /v2.0/vpnservices/vpnservice-id

示例

创建vpn服务

发送数据json

#!highlight javascript numbers=disable

POST /v1.0/vpnservices

Content-Type: application/json

Accept: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "vpnservice": {

           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",

           "name": "cloud_vpn",

           "subnet": "96a4386a-f8c3-42ed-afce-d7954eee77b3",

       "router": "8acda86a-f8c3-42ed-afce-d7954eee77b3",

           }

}

返回数据json

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

  "vpnservice": {

           "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",

           "tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",

           "name": "cloud_vpn",

           "subnet-id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",

       "router-id": "8acda86a-f8c3-42ed-afce-d7954eee77b3",

           "admin_state_up": true,

           "status": "PENDING_CREATE"

           }

}

2.4 连接服务

获取连接列表

GET

/v2.0/ipsec-site-connections/

创建连接

POST

/v2.0/ipsec-site-connections

获取指定连接

GET

/v2.0/ipsec-site-connections/ipsec-site-connection-id

更新连接

UPDATE

/v2.0/ipsec-site-connections/ipsec-site-connection-id

删除连接

DELETE

/v2.0/ipsec-site-connections/ipsec-site-connection-id

示例

创建连接

发送数据json

#!highlight javascript numbers=disable

POST /v1.0/ipsec-site-connections

Accept: application/json

Content-Type: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "ipsec_site_connection" : {

            "name": "ipsec_connection_1",

            "peer-address": "192.168.2.255",

            "peer-id" : "192.168.2.255",

        "peer-cidr" : "10.30.2.0/24",

            "dpd": "action=hold,interval=20,timeout=120",

           "mtu": "1500",

           "psk": "bla_bla_bla",

           "initiator": "bi-directional",

           "vpnservice-id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",

            "ikepolicy-id": "03299abc-16f5-4917-bf19-c40a9af805ed",

            "ipsecpolicy-id": "0dbc1234-16f5-4917-bf19-c40a9af805ed"

         }

}

返回数据json

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

  "ipsec_site_connection" : {

            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",

            "tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",

            "name": "ipsec_connection_1",

            "peer-address": "192.168.2.255",

            "peer-id" : "192.168.2.255",

        "peer-cidr" : "10.30.2.0/24",

            "dpd": {

                      "action" : "hold"

                      "interval" : 20,

                      "timeout" : 120,

             }

           "mtu": "1500",

           "psk": "bla_bla_bla",

           "initiator": "bi-directional",

            "vpnservice-id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",

            "ikepolicy-id": "03299abc-16f5-4917-bf19-c40a9af805ed",

            "ipsecpolicy-id": "0dbc1234-16f5-4917-bf19-c40a9af805ed",

            "admin_state_up": true,

            "status": "PENDING_CREATE"

          }

}

OpenStack-Neutron-VPNaaS-API的更多相关文章

  1. Openstack Neutron OVS ARP Responder

    ARP – Why do we need it? In any environment, be it the physical data-center, your home, or a virtual ...

  2. 深入浅出新一代云网络——VPC中的那些功能与基于OpenStack Neutron的实现(一)

    VPC的概念与基于vxlan的overlay实现很早就有了,标题中的"新"只是一个和传统网络的相对概念.但从前年开始,不同于以往基础网络架构的新一代SDN网络才真正越来越多的走进国 ...

  3. [转] OpenStack IPSec VPNaaS

    OpenStack IPSec VPNaaS ( by quqi99 ) 作者:张华  发表于:2013-08-03版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声 ...

  4. openstack neutron L3 HA

    作者:Liping Mao  发表于:2014-08-20 版权声明:能够随意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声明 近期Assaf Muller写了一篇关于Neutro ...

  5. openstack Neutron分析(3)—— neutron-dhcp-agent源码分析

    1.neutron dhcp3个主要部件分别为什么?2.dhcp模块包含哪些内容?3.Dnsmasq配置文件是如何创建和更新的?4.DHCP agent的信息存放在neutron数据库的哪个表中? 扩 ...

  6. OpenStack Neutron 之 Load Balance

    OpenStack Neutron 之 Load Balance 负载均衡(Load Balance)是 OpenStack Neutron 支持的功能之一.负载均衡能够将网络请求分发到多个实际处理请 ...

  7. openstack——neutron网络服务

    一.neutron 介绍:   Neutron 概述 传统的网络管理方式很大程度上依赖于管理员手工配置和维护各种网络硬件设备:而云环境下的网络已经变得非常复杂,特别是在多租户场景里,用户随时都可能需要 ...

  8. Openstack Neutron:三层技术和实现

    目录 - 1.Neutron 三层技术简介 - 2.集中式router - 1.在节点上安装L3 agent - 2.配置外部网络 - 3.通过CLI或者Horizon 来创建路由 - 4.连接租户网 ...

  9. Openstack neutron:云数据中心底层网络架构

    目录 - 目录 - 云数据中心流量类型 - NSX整体网络结构 - 管理网络(API网络) - 租户网络 - 外联网络 - 存储网络 - openstack整体网络结构 - 管理网络:(上图中蓝线) ...

  10. Openstack Neutron L2 Population

    Why do we need it, whatever it is? VM unicast, multicast and broadcast traffic flow is detailed in m ...

随机推荐

  1. 基于【CentOS-7+ Ambari 2.7.0 + HDP 3.0】搭建HAWQ数据仓库01 —— 准备环境,搭建本地仓库,安装ambari

    一.集群软硬件环境准备: 操作系统:  centos 7 x86_64.1804 Ambari版本:2.7.0 HDP版本:3.0.0 HAWQ版本:2.3.05台PC作为工作站: ep-bd01 e ...

  2. 【Excel】读取固定长文本

    '******************************************************************************* ' 固定長形式テキストファイルを読み込 ...

  3. Oracle 11G 安装文档

    一. 将文件win32_11gR2_database_1of2.zip和win32_11gR2_database_2of2.zip解压. 注意:这两个文件解压到同一个目录下,即:将Components ...

  4. CocoaPods 添加WebP失败解决办法

    pod 'sdwebimage/webp' 下载libwebp 超时 [!] Error installing libwebp [!] /usr/bin/git clone https://chrom ...

  5. 数据库更新锁WITH UPDLOCK

    今天因为并发的问题,又讨论了一遍.之前以为同时两个线程开启,线程A加了更新锁,线程B没有加,线程A更新后,线程B也会继续下去代码.但是今天测试了一下,原来线程A更新后(解锁),线程B将不会继续,会出现 ...

  6. Linux网络设备驱动 _驱动模型

    Linux素来以其强大的网络功能著名,同时, 网络设备也作为三大设备之一, 成为Linux驱动学习中必不可少的设备类型, 此外, 由于历史原因, Linux并没有强制对网络设备贯彻其"一切皆 ...

  7. mui---获取设备的网络状态

    在用mui做音乐或视频播放器的时候,往往会考虑当前音乐+视频的播放环境.例如是4G ,WIFI,无网络,给出特定的提示: 具体做法:根据 getCurrentType来进行获取当前网络的类型: plu ...

  8. gitlab-ci + k8s 之k8s (二)

    k8s用自己话说,就是一种容器编排工具,部署好应用,再创建绑定应用的服务,就可以实现的服务访问了.这个理论还是得去看重点谈理论的文章,此处我们只记录本项目部署过程. 背景介绍 之前已实现gitlab- ...

  9. 基于nmap扫描结果的端口爆破工具:BrutesPray

      大家搞内网或者C段渗透测试的时候可能遇到很多时候需要对大批的主机进行精确爆破,这时候BruteSpray就派上用场了. BruteSpray是一款基于nmap扫描输出的gnmap/XML文件.自动 ...

  10. 4 html文件引用问题

    通常在写html文件的时候会遇到需要引入样式文件,或者图片等问题,对于有一定开发经验的人来说,这些都不是问题,做为初学者,还是有必要理解html文件引用的“思路”的 当html文件和要引用的文件在同一 ...