OpenStack-Neutron-VPNaaS-API
1 命令
1.1 IKE策略
- vpn-ikepolicy-create Create an IKEPolicy
- vpn-ikepolicy-delete Delete a given IKE Policy.
- vpn-ikepolicy-list List IKEPolicies that belong to a given tenant.
- vpn-ikepolicy-show Show detailed information of a given IKEPolicy.
- vpn-ikepolicy-update Update a given IKE Policy.
1.2 ipsec策略
- vpn-ipsecpolicy-create Create an IPsec policy
- vpn-ipsecpolicy-delete Delete a given IPsec Policy
- vpn-ipsecpolicy-list List IPsecPolicies that belong to a given tenant * connection.
- vpn-ipsecpolicy-show Show detailed information of a given IPsec Policy
- vpn-ipsecpolicy-update Update a given IPsec Policy.
1.3 vpn服务
- vpn-service-create Create a VPNService
- vpn-service-delete Delete a given VPNService
- vpn-service-list List all VPNService for a given tenant.
- vpn-service-show Show detailed information of a given VPNService.
- vpn-service-update Update a given VPNservice.
1.4 连接
- ipsec-site-connection-create Create a ipsec-site-connection
- ipsec-site-connection-delete Delete a given ipsec-site-connection.
- ipsec-site-connection-list List ipsec-site-connections that belong to a given tenant.
- ipsec-site-connection-show Show information of a given ipsec-site-connection.
- ipsec-site-connection-update Update a given ipsec-site-connection.
2 API
2.1 IKE策略
获取IKE策略列表
GET
/v2.0/ikepolicies/
创建IKE策略
POST
/v2.0/ikepolicies
获取指定IKE策略
GET
/v2.0/ikepolicies/ikepolicy-id
更新指定IKE策略
UPDATE
/v2.0/ikepolicies/ikepolicy-id
删除IKE策略
DELETE
/v2.0/ikepolicies/ikepolicy-id
示例
创建IKE策略
发送参数
#!highlight javascript numbers=disable
POST /v1.0/ikepolicies
Accept: application/json
Content-Type: application/json
X-Auth-Token:xyz
Content-Length: abc
{
"ikepolicy" : {
"name": "ikepolicy_1",
"auth-algorithm" : "sha1",
"encryption-algorithm" : "aes-256",
"phase1-negotiation-mode" : "main",
"lifetime": "units=seconds,value=28800",
"ike-version" : "v1",
"pfs": " Group5",
}
}
返回参数
#!highlight javascript numbers=disable
HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: abc
{
"ikepolicy" : {
"id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
"tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
"name": "ikepolicy_1",
"auth-algorithm" : "sha1",
"encryption-algorithm" : "aes-256",
"phase1-negotiation-mode" : "main",
"lifetime": {
"units" : "seconds"
"value" : 28800,
}
"ike-version" : "v1",
"pfs": "Group5",
}
}
2.2 IPsec策略
获取ipsec策略列表
GET
/v2.0/ipsecpolicies/
创建ipsec策略
POST
/v2.0/ipsecpolicies
获取指定ipsec策略
GET
/v2.0/ipsecpolicies/ipsecpolicy-id
更新ipsec策略
UPDATE
/v2.0/ipsecpolicies/ipsecpolicy-id
删除ipsec策略
DELETE
/v2.0/ipsecpolicies/ipsecpolicy-id
示例
创建ipsec策略
发送参数json
#!highlight javascript numbers=disable
POST /v1.0/ipsecpolicies
Accept: application/json
Content-Type: application/json
X-Auth-Token:xyz
Content-Length: abc
{
"ipsecpolicy" : {
"name": "ipsecpolicy_1",
"transform-protocol": "esp",
"auth-algorithm" : "sha1",
"encryption-algorithm" : "aes-256",
"encapsulation-mode" : "tunnel",
"lifetime": "units=seconds,value=28800",
"pfs": "Group5"
}
}
返回数据json
#!highlight javascript numbers=disable
HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: abc
{
"ipsecpolicy" : {
"id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
"tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",
"name": "ipsecpolicy_1",
"transform-protocol": "esp",
"auth-algorithm" : "sha1",
"encryption-algorithm" : "aes-256",
"encapsulation-mode" : "tunnel",
"lifetime": {
"units" : "seconds"
"value" : 28800,
}
"pfs": "Group5"
}
}
2.3 VPN服务
获取vpn服务列表
GET
/v2.0/vpnservices/
获取指定vpn服务
GET
/v2.0/vpnservices/vpnservice-id
创建vpn服务
POST
/v2.0/vpnservices
更新指定vpn服务
UPDATE
/v2.0/vpnservices/vpnservice-id
删除vpn服务 DELETE /v2.0/vpnservices/vpnservice-id
示例
创建vpn服务
发送数据json
#!highlight javascript numbers=disable
POST /v1.0/vpnservices
Content-Type: application/json
Accept: application/json
X-Auth-Token:xyz
Content-Length: abc
{
"vpnservice": {
"tenant_id": "310df60f-2a10-4ee5-9554-98393092194c",
"name": "cloud_vpn",
"subnet": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
"router": "8acda86a-f8c3-42ed-afce-d7954eee77b3",
}
}
返回数据json
#!highlight javascript numbers=disable
HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: abc
{
"vpnservice": {
"id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
"tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",
"name": "cloud_vpn",
"subnet-id": "96a4386a-f8c3-42ed-afce-d7954eee77b3",
"router-id": "8acda86a-f8c3-42ed-afce-d7954eee77b3",
"admin_state_up": true,
"status": "PENDING_CREATE"
}
}
2.4 连接服务
获取连接列表
GET
/v2.0/ipsec-site-connections/
创建连接
POST
/v2.0/ipsec-site-connections
获取指定连接
GET
/v2.0/ipsec-site-connections/ipsec-site-connection-id
更新连接
UPDATE
/v2.0/ipsec-site-connections/ipsec-site-connection-id
删除连接
DELETE
/v2.0/ipsec-site-connections/ipsec-site-connection-id
示例
创建连接
发送数据json
#!highlight javascript numbers=disable
POST /v1.0/ipsec-site-connections
Accept: application/json
Content-Type: application/json
X-Auth-Token:xyz
Content-Length: abc
{
"ipsec_site_connection" : {
"name": "ipsec_connection_1",
"peer-address": "192.168.2.255",
"peer-id" : "192.168.2.255",
"peer-cidr" : "10.30.2.0/24",
"dpd": "action=hold,interval=20,timeout=120",
"mtu": "1500",
"psk": "bla_bla_bla",
"initiator": "bi-directional",
"vpnservice-id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
"ikepolicy-id": "03299abc-16f5-4917-bf19-c40a9af805ed",
"ipsecpolicy-id": "0dbc1234-16f5-4917-bf19-c40a9af805ed"
}
}
返回数据json
#!highlight javascript numbers=disable
HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: abc
{
"ipsec_site_connection" : {
"id":"cfc6589d-f949-4c66-99d2-c2da56ef3764",
"tenant-id": "310df60f-2a10-4ee5-9554-98393092194c",
"name": "ipsec_connection_1",
"peer-address": "192.168.2.255",
"peer-id" : "192.168.2.255",
"peer-cidr" : "10.30.2.0/24",
"dpd": {
"action" : "hold"
"interval" : 20,
"timeout" : 120,
}
"mtu": "1500",
"psk": "bla_bla_bla",
"initiator": "bi-directional",
"vpnservice-id": "02b1fef7-16f5-4917-bf19-c40a9af805ed",
"ikepolicy-id": "03299abc-16f5-4917-bf19-c40a9af805ed",
"ipsecpolicy-id": "0dbc1234-16f5-4917-bf19-c40a9af805ed",
"admin_state_up": true,
"status": "PENDING_CREATE"
}
}