1 命令

1.1 IKE策略

  • vpn-ikepolicy-create Create an IKEPolicy
  • vpn-ikepolicy-delete Delete a given IKE Policy.
  • vpn-ikepolicy-list List IKEPolicies that belong to a given tenant.
  • vpn-ikepolicy-show Show detailed information of a given IKEPolicy.
  • vpn-ikepolicy-update Update a given IKE Policy.

1.2 ipsec策略

  • vpn-ipsecpolicy-create Create an IPsec policy
  • vpn-ipsecpolicy-delete Delete a given IPsec Policy
  • vpn-ipsecpolicy-list List IPsecPolicies that belong to a given tenant * connection.
  • vpn-ipsecpolicy-show Show detailed information of a given IPsec Policy
  • vpn-ipsecpolicy-update Update a given IPsec Policy.

1.3 vpn服务

  • vpn-service-create Create a VPNService
  • vpn-service-delete Delete a given VPNService
  • vpn-service-list List all VPNService for a given tenant.
  • vpn-service-show Show detailed information of a given VPNService.
  • vpn-service-update Update a given VPNservice.

1.4 连接

  • ipsec-site-connection-create Create a ipsec-site-connection
  • ipsec-site-connection-delete Delete a given ipsec-site-connection.
  • ipsec-site-connection-list List ipsec-site-connections that belong to a given tenant.
  • ipsec-site-connection-show Show information of a given ipsec-site-connection.
  • ipsec-site-connection-update Update a given ipsec-site-connection.

2 API

2.1 IKE策略

获取IKE策略列表

GET

/v2.0/ikepolicies/

创建IKE策略

POST

/v2.0/ikepolicies

获取指定IKE策略

GET

/v2.0/ikepolicies/ikepolicy-id

更新指定IKE策略

UPDATE

/v2.0/ikepolicies/ikepolicy-id

删除IKE策略

DELETE

/v2.0/ikepolicies/ikepolicy-id

示例

创建IKE策略

发送参数

#!highlight javascript numbers=disable

POST /v1.0/ikepolicies

Accept: application/json

Content-Type: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "ikepolicy" : {

            "name": "ikepolicy_1",

            "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "phase1-negotiation-mode" : "main",

        "lifetime": "units=seconds,value=28800",

            "ike-version" : "v1",

            "pfs": " Group5",

           }

}

返回参数

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

"ikepolicy" : {

            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",

            "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",

            "name": "ikepolicy_1",

            "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "phase1-negotiation-mode" : "main",

        "lifetime": {

                      "units" : "seconds"

                      "value" : 28800,

             }

            "ike-version" : "v1",

            "pfs": "Group5",

        }

}

2.2 IPsec策略

获取ipsec策略列表

GET

/v2.0/ipsecpolicies/

创建ipsec策略

POST

/v2.0/ipsecpolicies

获取指定ipsec策略

GET

/v2.0/ipsecpolicies/ipsecpolicy-id

更新ipsec策略

UPDATE

/v2.0/ipsecpolicies/ipsecpolicy-id

删除ipsec策略

DELETE

/v2.0/ipsecpolicies/ipsecpolicy-id

示例

创建ipsec策略

发送参数json

#!highlight javascript numbers=disable

POST /v1.0/ipsecpolicies

Accept: application/json

Content-Type: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "ipsecpolicy" : {

            "name": "ipsecpolicy_1",

            "transform-protocol": "esp",

        "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "encapsulation-mode" : "tunnel",

            "lifetime": "units=seconds,value=28800",

            "pfs": "Group5"

          }

}

返回数据json

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

  "ipsecpolicy" : {

            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",

            "tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",

            "name": "ipsecpolicy_1",

            "transform-protocol": "esp",

        "auth-algorithm" : "sha1",

            "encryption-algorithm" : "aes-256",

            "encapsulation-mode" : "tunnel",

             "lifetime": {

                      "units" : "seconds"

                      "value" : 28800,

             }

            "pfs": "Group5"

       }

}

2.3 VPN服务

获取vpn服务列表

GET

/v2.0/vpnservices/

获取指定vpn服务

GET

/v2.0/vpnservices/vpnservice-id

创建vpn服务

POST

/v2.0/vpnservices

更新指定vpn服务

UPDATE

/v2.0/vpnservices/vpnservice-id

删除vpn服务 DELETE /v2.0/vpnservices/vpnservice-id

示例

创建vpn服务

发送数据json

#!highlight javascript numbers=disable

POST /v1.0/vpnservices

Content-Type: application/json

Accept: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "vpnservice": {

           "tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",

           "name": "cloud_vpn",

           "subnet": "96a4386a-f8c3-42ed-afce-d7954eee77b3",

       "router": "8acda86a-f8c3-42ed-afce-d7954eee77b3",

           }

}

返回数据json

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

  "vpnservice": {

           "id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",

           "tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",

           "name": "cloud_vpn",

           "subnet-id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",

       "router-id": "8acda86a-f8c3-42ed-afce-d7954eee77b3",

           "admin_state_up": true,

           "status": "PENDING_CREATE"

           }

}

2.4 连接服务

获取连接列表

GET

/v2.0/ipsec-site-connections/

创建连接

POST

/v2.0/ipsec-site-connections

获取指定连接

GET

/v2.0/ipsec-site-connections/ipsec-site-connection-id

更新连接

UPDATE

/v2.0/ipsec-site-connections/ipsec-site-connection-id

删除连接

DELETE

/v2.0/ipsec-site-connections/ipsec-site-connection-id

示例

创建连接

发送数据json

#!highlight javascript numbers=disable

POST /v1.0/ipsec-site-connections

Accept: application/json

Content-Type: application/json

X-Auth-Token:xyz

Content-Length: abc

{

  "ipsec_site_connection" : {

            "name": "ipsec_connection_1",

            "peer-address": "192.168.2.255",

            "peer-id" : "192.168.2.255",

        "peer-cidr" : "10.30.2.0/24",

            "dpd": "action=hold,interval=20,timeout=120",

           "mtu": "1500",

           "psk": "bla_bla_bla",

           "initiator": "bi-directional",

           "vpnservice-id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",

            "ikepolicy-id": "03299abc-16f5-4917-bf19-c40a9af805ed",

            "ipsecpolicy-id": "0dbc1234-16f5-4917-bf19-c40a9af805ed"

         }

}

返回数据json

#!highlight javascript numbers=disable

HTTP/1.1 202 Accepted

Content-Type: application/json

Content-Length: abc

{

  "ipsec_site_connection" : {

            "id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",

            "tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",

            "name": "ipsec_connection_1",

            "peer-address": "192.168.2.255",

            "peer-id" : "192.168.2.255",

        "peer-cidr" : "10.30.2.0/24",

            "dpd": {

                      "action" : "hold"

                      "interval" : 20,

                      "timeout" : 120,

             }

           "mtu": "1500",

           "psk": "bla_bla_bla",

           "initiator": "bi-directional",

            "vpnservice-id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",

            "ikepolicy-id": "03299abc-16f5-4917-bf19-c40a9af805ed",

            "ipsecpolicy-id": "0dbc1234-16f5-4917-bf19-c40a9af805ed",

            "admin_state_up": true,

            "status": "PENDING_CREATE"

          }

}

OpenStack-Neutron-VPNaaS-API的更多相关文章

  1. Openstack Neutron OVS ARP Responder

    ARP – Why do we need it? In any environment, be it the physical data-center, your home, or a virtual ...

  2. 深入浅出新一代云网络——VPC中的那些功能与基于OpenStack Neutron的实现(一)

    VPC的概念与基于vxlan的overlay实现很早就有了,标题中的"新"只是一个和传统网络的相对概念.但从前年开始,不同于以往基础网络架构的新一代SDN网络才真正越来越多的走进国 ...

  3. [转] OpenStack IPSec VPNaaS

    OpenStack IPSec VPNaaS ( by quqi99 ) 作者:张华  发表于:2013-08-03版权声明:可以任意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声 ...

  4. openstack neutron L3 HA

    作者:Liping Mao  发表于:2014-08-20 版权声明:能够随意转载,转载时请务必以超链接形式标明文章原始出处和作者信息及本版权声明 近期Assaf Muller写了一篇关于Neutro ...

  5. openstack Neutron分析(3)—— neutron-dhcp-agent源码分析

    1.neutron dhcp3个主要部件分别为什么?2.dhcp模块包含哪些内容?3.Dnsmasq配置文件是如何创建和更新的?4.DHCP agent的信息存放在neutron数据库的哪个表中? 扩 ...

  6. OpenStack Neutron 之 Load Balance

    OpenStack Neutron 之 Load Balance 负载均衡(Load Balance)是 OpenStack Neutron 支持的功能之一.负载均衡能够将网络请求分发到多个实际处理请 ...

  7. openstack——neutron网络服务

    一.neutron 介绍:   Neutron 概述 传统的网络管理方式很大程度上依赖于管理员手工配置和维护各种网络硬件设备:而云环境下的网络已经变得非常复杂,特别是在多租户场景里,用户随时都可能需要 ...

  8. Openstack Neutron:三层技术和实现

    目录 - 1.Neutron 三层技术简介 - 2.集中式router - 1.在节点上安装L3 agent - 2.配置外部网络 - 3.通过CLI或者Horizon 来创建路由 - 4.连接租户网 ...

  9. Openstack neutron:云数据中心底层网络架构

    目录 - 目录 - 云数据中心流量类型 - NSX整体网络结构 - 管理网络(API网络) - 租户网络 - 外联网络 - 存储网络 - openstack整体网络结构 - 管理网络:(上图中蓝线) ...

  10. Openstack Neutron L2 Population

    Why do we need it, whatever it is? VM unicast, multicast and broadcast traffic flow is detailed in m ...

随机推荐

  1. QT工程文件的条件编译选择与额外的编译参数配置

    QTCreator打开.pro工程文件后,依据不同的构建套件创建项目组.在项目组中,点开构建步骤的“详情”,增加一个自己的宏定义,比如: DEFINES+=IMX_287 然后,我们在.pro文件中添 ...

  2. 《FPGA全程进阶---实战演练》之搞定阻抗匹配

    笔者最近几天在做视频采集板卡时,视频显示端打算采用 USB2.0接口+上位机 显示,其中USB需要做阻抗匹配.通常情况下USB的阻抗值需要做到90Ω±10%.下面就讲解一下关于阻抗匹配的知识,哪里说得 ...

  3. 《FPGA全程进阶---实战演练》第三十二章 Signal Tap II 应用实例

    还有几天就要交文章终稿了,三年的研究生生活也快要结束了,时间飞快,岁月如梭,但学习技术的热情仍然不能松懈,不懂的东西太多,需要实时保持奋斗!!过些天会继续更新<FPGA全程进阶---实战演练&g ...

  4. python3命令行ImportError: No module named 'xxxx'的问题

    主要原因:启动脚本不在当前目录下,无法找到上一层 在pycharm写好的脚本程序,在命令行无法运行,报错 Traceback (most recent call last): File "t ...

  5. bootstrap 列表組

    <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title> ...

  6. Centos 使用Systemctl报Error getting authority: Error initializing authority: Error calling StartServiceByName for org.freedesktop.PolicyKit1: Timeout was reached (g-io-error-quark, 24)

    在使用centos7.4 安装服务的时候报错: Error getting authority: Error initializing authority: Error calling StartSe ...

  7. 【转】最新版PyCharm(2018.2)破解

    源链接 1.下载jar包 我突然发现这个包是通用的!IDEA,PyCharm都可以用 链接:http://idea.lanyus.com/ 上篇IDEA破解依旧是这个jar包 2.jar包放置位置将j ...

  8. php 实现双向链表

    /** * 链表元素结点类 */ class Node { public $pre = NULL; // 前驱 public $next = NULL; // 后继 public $data = NU ...

  9. 修改Linux系统默认编辑器

    修改ubuntu的默认编辑器: echo export EDITOR=/usr/bin/vim >> ~/.bashrc 故障过程: 修改过程: 强制断开连接,重新连接,修改默认编辑器:e ...

  10. VC++每个版本对应的库

    msvcp.msvcr60.71和80.dll,以及vcomp.dll(不带数字版本号)属于VC++2005版 msvcp.msvcr.vcomp90.dll属于 VC++2008版 msvcp.ms ...