IBM Cloud Docs
更新到 2024-04-30 版本 (VPN 网关连接)

更新到 2024-04-30 版本 (VPN 网关连接)

VPC API 参考 版本控制 策略中所述,对 VPC API 的大多数更改完全向后兼容,并且可供所有客户机使用,而不考虑客户机请求的 API 版本。 但是,VPC API 的 2024-04-30 发行版需要在支持 VPN 网关连接方面进行不兼容的更改。

在采用发行版 2024-04-30 或更高版本之前,请查看本迁移指南中描述的可能需要您更新客户机的更改。

已更改 VPN 网关连接属性

对于使用 version 查询参数 2024-04-30 或更高版本的 API 请求,以下 VPN 网关连接属性已更改。

为 VPN 网关创建连接 (POST /vpn_gateways/{vpn_gateway_id}/connections) 时:

创建 VPN 连接时的新旧属性。
旧属性 新建属性
peer_address peer.address
peer_cidrs peer.cidrs
local_cidrs local.cidrs

更新 VPN 网关连接 (PATCH /vpn_gateways/{vpn_gateway_id}/connections/{id}) 时:

更新 VPN 连接时的新旧属性。
旧属性 新建属性
peer_address peer.address

对基于策略的 VPN 网关发出以下请求时,响应中的属性已更改:

  • 正在创建 (POST /vpn_gateways/{vpn_gateway_id}/connections)
  • 正在检索 (GET /vpn_gateways/{vpn_gateway_id}/connections/{id})
  • 更新 VPN 网关连接 (PATCH /vpn_gateways/{vpn_gateway_id}/connections/{id})
  • 列出 VPN 网关的所有连接 (GET /vpn_gateways/{vpn_gateway_id}/connections)
  • 列出 所有使用指定 IKE 策略的 VPN 网关连接 (GET /ike_policies/{id}/connections)
  • 列出 所有使用指定 IPsec 策略的 VPN 网关连接 (GET /ipsec_policies/{id}/connections)
基于策略的 VPN 网关的新旧属性。
旧属性 新建属性
local_cidrs local.cidrs
peer_cidrs peer.cidrs
peer_address peer.addresspeer.fqdn (如下所述)

属性 peer_address 替换为 peer.addresspeer.fqdn,具体取决于在创建连接时是使用 IPv4 地址还是 FQDN 来指定对等方。 更新代码以在响应中检查 peer.type。 如果 peer.typeaddress,那么响应具有 peer.address。 如果 peer.typefqdn,那么响应具有 peer.fqdn

如果在创建连接时指定了 peer.fqdn,并且指定了 version 查询参数 2024-04-29 或更低版本,那么 peer_address 将具有与 peer.fqdn 相关联的 IP 地址。

对于使用 version 查询参数 2024-04-29 或更低版本的 API 请求,仍然支持旧的 VPN 网关连接属性和方法。

已更改 VPN 网关连接 API 路径

下表列出了使用 version 查询参数 2024-04-30 或更高版本的 API 请求的方法及其更改的路径。

使用 2024-04-30 或更高版本查询参数的 API 请求的方法及其更改路径。
方法 旧路径 新路径
GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs /vpn_gateways/{vpn_gateway_id}/connections/{id}/local/cidrs
GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer/cidrs
DELETE /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length} /vpn_gateways/{vpn_gateway_id}/connections/{id}/local/cidrs/{cidr}
GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length} /vpn_gateways/{vpn_gateway_id}/connections/{id}/local/cidrs/{cidr}
PUT /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length} /vpn_gateways/{vpn_gateway_id}/connections/{id}/local/cidrs/{cidr}
DELETE /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length} /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer/cidrs/{cidr}
GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length} /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer/cidrs/{cidr}
PUT /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length} /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer/cidrs/{cidr}

更改了设置VPN网关连接CIDR时的 HTTP 响应代码

设置本地 CIDR 或在 VPN 网关连接上 设置对等 CIDR 时,响应现在包含 201 如果成功设置了 CIDR,则 HTTP 成功代码,或者 204 如果已设置 CIDR,HTTP 成功代码。

需要采取的行动

在指定 2024-04-30 或更高版本的 version 查询参数之前,请执行以下操作以避免客户机功能中的回归。

如果客户机继续指定 V 2023-04-29 或更低版本,那么不需要进行任何更改。

客户机迁移

在将客户机迁移到 API V 2024-04-30 或更高版本之前,请查看使用以下方法的代码:

  • POST /vpn_gateways/{vpn_gateway_id}/connections
  • PATCH /vpn_gateways/{vpn_gateway_id}/connections/{id}
  • GET /vpn_gateways/{vpn_gateway_id}/connections
  • GET /vpn_gateways/{vpn_gateway_id}/connections/{id}
  • GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs
  • DELETE /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length}
  • GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length}
  • PUT /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length}
  • GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs
  • DELETE /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length}
  • GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length}
  • PUT /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length}
  • GET /ike_policies/{id}/connections
  • GET /ipsec_policies/{id}/connections

查看 API 更改日志 中声明的更改,并验证代码是否以适合编程语言的方式采用这些更改。

示例

这些示例比较 2024-04-30 版本化更改前后的差异。

创建 VPN 连接

以下示例使用 API V 2024-04-29 或更低版本来创建 VPN 连接。 -d 选项指定 peer_addresslocal_cidrspeer_cidrs 属性。

curl -X POST "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
 -d '{
    "name": "my-vpn-connection-1",
    "psk": "lkj14b1oi0alcniejkso",
    "peer_address": "1.2.3.4",
    "local_cidrs": ["192.168.0.0/24"],
    "peer_cidrs": ["192.168.210.0/24"]
  }'

以下示例使用 API V 2024-04-30 或更高版本来创建 VPN 连接。 -d 选项指定 peer.addresslocal.cidrspeer.cidrs 属性。

curl -X POST "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
 -d '{
    "name": "my-vpn-connection-1",
    "psk": "lkj14b1oi0alcniejkso",
    "local": {
      "cidrs": ["192.168.0.0/24"]
    },
    "peer": {
      "cidrs": ["192.168.210.0/24"],
      "address": "1.2.3.4"
    }
  }'

更新 VPN 连接

以下示例使用 API V 2024-04-29 或更低版本来更新 VPN 连接。 -d 选项指定 peer_address 属性。

curl -X PATCH "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
 -d '{
    "peer_address": "1.2.3.4"
  }'

以下示例使用 API V 2024-04-30 或更高版本来更新 VPN 连接。 -d 选项指定 peer.address 属性。

curl -X PATCH "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
 -d '{
    "peer": {
      "address": "1.2.3.4"
    }
  }'

列示 VPN 连接

以下示例使用 API V 2024-04-29 或更低版本来列出 VPN 连接。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"

响应包含 peer_addresslocal_cidrspeer_cidrs 属性:

{
  "connections": [
    {
      "admin_state_up": true,
      "authentication_mode": "psk",
      "created_at": "2018-12-13T19:40:12.124082Z",
      "dead_peer_detection": {
        "action": "none",
        "interval": 15,
        "timeout": 30
      },
      "href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
      "id": "52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
      "local_cidrs": [
        "192.0.2.50/24"
      ],
      "mode": "policy",
      "name": "my-vpn-connection-1",
      "peer_address": "192.0.2.5",
      "peer_cidrs": [
        "192.0.2.40/24"
      ],
      "psk": "lkj14b1oi0alcniejkso",
      "resource_type": "vpn_gateway_connection",
      "status": "down",
      "status_reasons": []
    },
    {
      "admin_state_up": true,
      "authentication_mode": "psk",
      "created_at": "2018-12-13T19:39:47.938464Z",
      "dead_peer_detection": {
        "action": "none",
        "interval": 15,
        "timeout": 30
      },
      "href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/b67efb2c-bd17-457d-be8e-7b46404062dc",
      "id": "b67efb2c-bd17-457d-be8e-7b46404062dc",
      "ike_policy": {
        "href": "https://us-south.iaas.cloud.ibm.com/v1/ike_policies/e98f46a3-1e4e-4195-b4e5-b8155192689d",
        "id": "e98f46a3-1e4e-4195-b4e5-b8155192689d",
        "name": "my-ike-policy",
        "resource_type": "ike_policy"
      },
      "ipsec_policy": {
        "href": "https://us-south.iaas.cloud.ibm.com/v1/ipsec_policies/43c2f663-3960-4289-9253-f6eab23a6cd7",
        "id": "43c2f663-3960-4289-9253-f6eab23a6cd7",
        "name": "my-ipsec-policy",
        "resource_type": "ipsec_policy"
      },
      "local_cidrs": [
        "192.0.2.50/24"
      ],
      "mode": "policy",
      "name": "my-vpn-connection-2",
      "peer_address": "192.0.2.5",
      "peer_cidrs": [
        "192.0.2.40/24"
      ],
      "psk": "lkj14b1oi0alcniejkso",
      "resource_type": "vpn_gateway_connection",
      "status": "down",
      "status_reasons": []
    }
  ]
}

以下示例使用 API V 2024-04-30 或更高版本来列出 VPN 连接。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"

响应包含 peer.addresslocal.cidrspeer.cidrs 属性:

{
  "connections": [
    {
      "admin_state_up": true,
      "authentication_mode": "psk",
      "created_at": "2018-12-13T19:40:12.124082Z",
      "dead_peer_detection": {
        "action": "none",
        "interval": 15,
        "timeout": 30
      },
      "establish_mode": "peer_only",
      "href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
      "id": "52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
      "local": {
        "cidrs": [
          "192.0.2.0/24"
        ],
        "ike_identities": [
          {
            "type": "ipv4_address",
            "value": "192.0.2.4"
          }
        ]
      },
      "mode": "policy",
      "name": "my-vpn-connection-1",
      "peer": {
        "address": "192.0.2.5",
        "cidrs": [
          "192.0.3.0/24"
        ],
        "ike_identity": {
          "type": "ipv4_address",
          "value": "192.0.2.5"
        },
        "type": "address"
      },
      "psk": "lkj14b1oi0alcniejkso",
      "resource_type": "vpn_gateway_connection",
      "status": "down",
      "status_reasons": []
    },
    {
      "admin_state_up": true,
      "authentication_mode": "psk",
      "created_at": "2018-12-13T19:39:47.938464Z",
      "dead_peer_detection": {
        "action": "none",
        "interval": 15,
        "timeout": 30
      },
      "establish_mode": "bidirectional",
      "href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/b67efb2c-bd17-457d-be8e-7b46404062dc",
      "id": "b67efb2c-bd17-457d-be8e-7b46404062dc",
      "ike_policy": {
        "href": "https://us-south.iaas.cloud.ibm.com/v1/ike_policies/e98f46a3-1e4e-4195-b4e5-b8155192689d",
        "id": "e98f46a3-1e4e-4195-b4e5-b8155192689d",
        "name": "my-ike-policy",
        "resource_type": "ike_policy"
      },
      "ipsec_policy": {
        "href": "https://us-south.iaas.cloud.ibm.com/v1/ipsec_policies/43c2f663-3960-4289-9253-f6eab23a6cd7",
        "id": "43c2f663-3960-4289-9253-f6eab23a6cd7",
        "name": "my-ipsec-policy",
        "resource_type": "ipsec_policy"
      },
      "local": {
        "cidrs": [
          "192.0.2.0/24"
        ],
        "ike_identities": [
          {
            "type": "ipv4_address",
            "value": "192.0.2.4"
          }
        ]
      },
      "mode": "policy",
      "name": "my-vpn-connection-2",
      "peer": {
        "address": "192.0.2.5",
        "cidrs": [
          "192.0.3.0/24"
        ],
        "ike_identity": {
          "type": "ipv4_address",
          "value": "192.0.2.5"
        },
        "type": "address"
      },
      "psk": "lkj14b1oi0alcniejkso",
      "resource_type": "vpn_gateway_connection",
      "status": "down",
      "status_reasons": []
    }
  ]
}

获取 VPN 连接

以下示例使用 API V 2024-04-29 或更低版本来获取 VPN 连接。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"

响应包含 peer_addresslocal_cidrspeer_cidrs 属性:

{
  "admin_state_up": true,
  "authentication_mode": "psk",
  "created_at": "2018-12-13T19:40:12.124082Z",
  "dead_peer_detection": {
    "action": "none",
    "interval": 15,
    "timeout": 30
  },
  "href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
  "id": "52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
  "local_cidrs": [
    "192.0.2.50/24"
  ],
  "mode": "policy",
  "name": "my-vpn-connection-1",
  "peer_address": "192.0.2.5",
  "peer_cidrs": [
    "192.0.2.40/24"
  ],
  "psk": "lkj14b1oi0alcniejkso",
  "resource_type": "vpn_gateway_connection",
  "status": "down",
  "status_reasons": []
}

以下示例使用 API V 2024-04-30 或更高版本来获取 VPN 连接。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"

响应包含 peer.addresslocal.cidrspeer.cidrs 属性:

{
  "admin_state_up": true,
  "authentication_mode": "psk",
  "created_at": "2018-12-13T19:40:12.124082Z",
  "dead_peer_detection": {
    "action": "none",
    "interval": 15,
    "timeout": 30
  },
  "establish_mode": "bidirectional",
  "href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
  "id": "52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
  "local": {
    "cidrs": [
      "192.0.2.0/24"
    ],
    "ike_identities": [
      {
        "type": "ipv4_address",
        "value": "192.0.2.4"
      }
    ]
  },
  "mode": "policy",
  "name": "my-vpn-connection-1",
  "peer": {
    "address": "192.0.2.5",
    "cidrs": [
      "192.0.3.0/24"
    ],
    "ike_identity": {
      "type": "ipv4_address",
      "value": "192.0.2.5"
    },
    "type": "address"
  },
  "psk": "lkj14b1oi0alcniejkso",
  "resource_type": "vpn_gateway_connection",
  "status": "down",
  "status_reasons": []
}

列出本地 CIDR

以下示例使用 API 版本 2024-04-29 或更低版本来列出本地 CIDR。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local_cidrs?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"

响应具有 local_cidrs 属性:

{
  "local_cidrs": [
    "192.168.19.0/24"
  ]
}

以下示例使用 API 版本 2024-04-30 或更高版本来列出本地 CIDR。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local/cidrs?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"

响应具有 cidrs 属性:

{
  "cidrs": [
    "192.168.19.0/24"
  ]
}

除去本地 CIDR

以下示例使用 API V 2024-04-29 或更低版本来除去本地 CIDR。

curl -X DELETE "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"

以下示例使用 API V 2024-04-30 或更高版本来除去本地 CIDR。

curl -X DELETE "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"

获取本地 CIDR

以下示例使用 API 版本 2024-04-29 或更低版本来获取本地 CIDR。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"

成功响应代码为 204

以下示例使用 API 版本 2024-04-30 或更高版本来获取本地 CIDR。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"

成功响应代码为 204

设置本地 CIDR

以下示例使用 API 版本 2024-04-29 或更低版本来设置本地 CIDR。

curl -X PUT "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"

成功响应代码为 204

以下示例使用 API 版本 2024-04-30 或更高版本来设置本地 CIDR。

curl -X PUT "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"

如果设置成功,那么响应代码为 201 ; 如果 CIDR 已存在,那么响应代码为 204

列出同级 CIDR

以下示例使用 API 版本 2024-04-29 或更低版本来列出同级 CIDR。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer_cidrs?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"

响应具有 peer_cidrs 属性:

{
  "peer_cidrs": [
    "192.0.2.40/24"
  ]
}

以下示例使用 API 版本 2024-04-30 或更高版本来列出同级 CIDR。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer/cidrs?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"

响应具有 cidrs 属性:

{
  "cidrs": [
    "192.168.20.0/24"
  ]
}

除去同级 CIDR

以下示例使用 API V 2024-04-29 或更低版本来除去对等 CIDR。

curl -X DELETE "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"

以下示例使用 API V 2024-04-30 或更高版本来除去同级 CIDR。

curl -X DELETE "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"

获取同级 CIDR

以下示例使用 API V 2024-04-29 或更低版本来获取同级 CIDR。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"

成功响应代码为 204

以下示例使用 API 版本 2024-04-30 或更高版本来获取同级 CIDR。

curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"

成功响应代码为 204

设置对等 CIDR

以下示例使用 API V 2024-04-29 或更低版本来设置对等 CIDR。

curl -X PUT "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"

成功响应代码为 204

以下示例使用 API 版本 2024-04-30 或更高版本来设置对等 CIDR。

curl -X PUT "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"

如果设置成功,那么响应代码为 201 ; 如果 CIDR 已存在,那么响应代码为 204