更新到 2024-04-30
版本 (VPN 网关连接)
如 VPC API 参考 版本控制 策略中所述,对 VPC API 的大多数更改完全向后兼容,并且可供所有客户机使用,而不考虑客户机请求的 API 版本。 但是,VPC API 的 2024-04-30
发行版需要在支持 VPN 网关连接方面进行不兼容的更改。
在采用发行版 2024-04-30
或更高版本之前,请查看本迁移指南中描述的可能需要您更新客户机的更改。
已更改 VPN 网关连接属性
对于使用 version
查询参数 2024-04-30
或更高版本的 API 请求,以下 VPN 网关连接属性已更改。
当 为 VPN 网关创建连接 (POST /vpn_gateways/{vpn_gateway_id}/connections
) 时:
旧属性 | 新建属性 |
---|---|
peer_address |
peer.address |
peer_cidrs |
peer.cidrs |
local_cidrs |
local.cidrs |
当 更新 VPN 网关连接 (PATCH /vpn_gateways/{vpn_gateway_id}/connections/{id}
) 时:
旧属性 | 新建属性 |
---|---|
peer_address |
peer.address |
对基于策略的 VPN 网关发出以下请求时,响应中的属性已更改:
- 正在创建 (
POST /vpn_gateways/{vpn_gateway_id}/connections
) - 正在检索 (
GET /vpn_gateways/{vpn_gateway_id}/connections/{id}
) - 更新 VPN 网关连接 (
PATCH /vpn_gateways/{vpn_gateway_id}/connections/{id}
) - 列出 VPN 网关的所有连接 (
GET /vpn_gateways/{vpn_gateway_id}/connections
) - 列出 所有使用指定 IKE 策略的 VPN 网关连接 (
GET /ike_policies/{id}/connections
) - 列出 所有使用指定 IPsec 策略的 VPN 网关连接 (
GET /ipsec_policies/{id}/connections
)
旧属性 | 新建属性 |
---|---|
local_cidrs |
local.cidrs |
peer_cidrs |
peer.cidrs |
peer_address |
peer.address 或 peer.fqdn (如下所述) |
属性 peer_address
替换为 peer.address
或 peer.fqdn
,具体取决于在创建连接时是使用 IPv4 地址还是 FQDN 来指定对等方。 更新代码以在响应中检查 peer.type
。 如果 peer.type
为 address
,那么响应具有 peer.address
。
如果 peer.type
为 fqdn
,那么响应具有 peer.fqdn
。
如果在创建连接时指定了 peer.fqdn
,并且指定了 version
查询参数 2024-04-29
或更低版本,那么 peer_address
将具有与 peer.fqdn
相关联的 IP 地址。
对于使用 version
查询参数 2024-04-29
或更低版本的 API 请求,仍然支持旧的 VPN 网关连接属性和方法。
已更改 VPN 网关连接 API 路径
下表列出了使用 version
查询参数 2024-04-30
或更高版本的 API 请求的方法及其更改的路径。
方法 | 旧路径 | 新路径 |
---|---|---|
GET |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/local/cidrs |
GET |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/peer/cidrs |
DELETE |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length} |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/local/cidrs/{cidr} |
GET |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length} |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/local/cidrs/{cidr} |
PUT |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length} |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/local/cidrs/{cidr} |
DELETE |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length} |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/peer/cidrs/{cidr} |
GET |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length} |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/peer/cidrs/{cidr} |
PUT |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length} |
/vpn_gateways/{vpn_gateway_id}/connections/{id}/peer/cidrs/{cidr} |
更改了设置VPN网关连接CIDR时的 HTTP 响应代码
在 设置本地 CIDR 或在 VPN 网关连接上 设置对等 CIDR 时,响应现在包含 201
如果成功设置了 CIDR,则 HTTP 成功代码,或者 204
如果已设置 CIDR,HTTP 成功代码。
需要采取的行动
在指定 2024-04-30
或更高版本的 version
查询参数之前,请执行以下操作以避免客户机功能中的回归。
如果客户机继续指定 V 2023-04-29
或更低版本,那么不需要进行任何更改。
客户机迁移
在将客户机迁移到 API V 2024-04-30
或更高版本之前,请查看使用以下方法的代码:
POST /vpn_gateways/{vpn_gateway_id}/connections
PATCH /vpn_gateways/{vpn_gateway_id}/connections/{id}
GET /vpn_gateways/{vpn_gateway_id}/connections
GET /vpn_gateways/{vpn_gateway_id}/connections/{id}
GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs
DELETE /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length}
GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length}
PUT /vpn_gateways/{vpn_gateway_id}/connections/{id}/local_cidrs/{cidr_prefix}/{prefix_length}
GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs
DELETE /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length}
GET /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length}
PUT /vpn_gateways/{vpn_gateway_id}/connections/{id}/peer_cidrs/{cidr_prefix}/{prefix_length}
GET /ike_policies/{id}/connections
GET /ipsec_policies/{id}/connections
查看 API 更改日志 中声明的更改,并验证代码是否以适合编程语言的方式采用这些更改。
示例
这些示例比较 2024-04-30
版本化更改前后的差异。
创建 VPN 连接
以下示例使用 API V 2024-04-29
或更低版本来创建 VPN 连接。 -d
选项指定 peer_address
,local_cidrs
和 peer_cidrs
属性。
curl -X POST "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
-d '{
"name": "my-vpn-connection-1",
"psk": "lkj14b1oi0alcniejkso",
"peer_address": "1.2.3.4",
"local_cidrs": ["192.168.0.0/24"],
"peer_cidrs": ["192.168.210.0/24"]
}'
以下示例使用 API V 2024-04-30
或更高版本来创建 VPN 连接。 -d
选项指定 peer.address
,local.cidrs
和 peer.cidrs
属性。
curl -X POST "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
-d '{
"name": "my-vpn-connection-1",
"psk": "lkj14b1oi0alcniejkso",
"local": {
"cidrs": ["192.168.0.0/24"]
},
"peer": {
"cidrs": ["192.168.210.0/24"],
"address": "1.2.3.4"
}
}'
更新 VPN 连接
以下示例使用 API V 2024-04-29
或更低版本来更新 VPN 连接。 -d
选项指定 peer_address
属性。
curl -X PATCH "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
-d '{
"peer_address": "1.2.3.4"
}'
以下示例使用 API V 2024-04-30
或更高版本来更新 VPN 连接。 -d
选项指定 peer.address
属性。
curl -X PATCH "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
-d '{
"peer": {
"address": "1.2.3.4"
}
}'
列示 VPN 连接
以下示例使用 API V 2024-04-29
或更低版本来列出 VPN 连接。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
响应包含 peer_address
,local_cidrs
和 peer_cidrs
属性:
{
"connections": [
{
"admin_state_up": true,
"authentication_mode": "psk",
"created_at": "2018-12-13T19:40:12.124082Z",
"dead_peer_detection": {
"action": "none",
"interval": 15,
"timeout": 30
},
"href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
"id": "52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
"local_cidrs": [
"192.0.2.50/24"
],
"mode": "policy",
"name": "my-vpn-connection-1",
"peer_address": "192.0.2.5",
"peer_cidrs": [
"192.0.2.40/24"
],
"psk": "lkj14b1oi0alcniejkso",
"resource_type": "vpn_gateway_connection",
"status": "down",
"status_reasons": []
},
{
"admin_state_up": true,
"authentication_mode": "psk",
"created_at": "2018-12-13T19:39:47.938464Z",
"dead_peer_detection": {
"action": "none",
"interval": 15,
"timeout": 30
},
"href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/b67efb2c-bd17-457d-be8e-7b46404062dc",
"id": "b67efb2c-bd17-457d-be8e-7b46404062dc",
"ike_policy": {
"href": "https://us-south.iaas.cloud.ibm.com/v1/ike_policies/e98f46a3-1e4e-4195-b4e5-b8155192689d",
"id": "e98f46a3-1e4e-4195-b4e5-b8155192689d",
"name": "my-ike-policy",
"resource_type": "ike_policy"
},
"ipsec_policy": {
"href": "https://us-south.iaas.cloud.ibm.com/v1/ipsec_policies/43c2f663-3960-4289-9253-f6eab23a6cd7",
"id": "43c2f663-3960-4289-9253-f6eab23a6cd7",
"name": "my-ipsec-policy",
"resource_type": "ipsec_policy"
},
"local_cidrs": [
"192.0.2.50/24"
],
"mode": "policy",
"name": "my-vpn-connection-2",
"peer_address": "192.0.2.5",
"peer_cidrs": [
"192.0.2.40/24"
],
"psk": "lkj14b1oi0alcniejkso",
"resource_type": "vpn_gateway_connection",
"status": "down",
"status_reasons": []
}
]
}
以下示例使用 API V 2024-04-30
或更高版本来列出 VPN 连接。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
响应包含 peer.address
,local.cidrs
和 peer.cidrs
属性:
{
"connections": [
{
"admin_state_up": true,
"authentication_mode": "psk",
"created_at": "2018-12-13T19:40:12.124082Z",
"dead_peer_detection": {
"action": "none",
"interval": 15,
"timeout": 30
},
"establish_mode": "peer_only",
"href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
"id": "52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
"local": {
"cidrs": [
"192.0.2.0/24"
],
"ike_identities": [
{
"type": "ipv4_address",
"value": "192.0.2.4"
}
]
},
"mode": "policy",
"name": "my-vpn-connection-1",
"peer": {
"address": "192.0.2.5",
"cidrs": [
"192.0.3.0/24"
],
"ike_identity": {
"type": "ipv4_address",
"value": "192.0.2.5"
},
"type": "address"
},
"psk": "lkj14b1oi0alcniejkso",
"resource_type": "vpn_gateway_connection",
"status": "down",
"status_reasons": []
},
{
"admin_state_up": true,
"authentication_mode": "psk",
"created_at": "2018-12-13T19:39:47.938464Z",
"dead_peer_detection": {
"action": "none",
"interval": 15,
"timeout": 30
},
"establish_mode": "bidirectional",
"href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/b67efb2c-bd17-457d-be8e-7b46404062dc",
"id": "b67efb2c-bd17-457d-be8e-7b46404062dc",
"ike_policy": {
"href": "https://us-south.iaas.cloud.ibm.com/v1/ike_policies/e98f46a3-1e4e-4195-b4e5-b8155192689d",
"id": "e98f46a3-1e4e-4195-b4e5-b8155192689d",
"name": "my-ike-policy",
"resource_type": "ike_policy"
},
"ipsec_policy": {
"href": "https://us-south.iaas.cloud.ibm.com/v1/ipsec_policies/43c2f663-3960-4289-9253-f6eab23a6cd7",
"id": "43c2f663-3960-4289-9253-f6eab23a6cd7",
"name": "my-ipsec-policy",
"resource_type": "ipsec_policy"
},
"local": {
"cidrs": [
"192.0.2.0/24"
],
"ike_identities": [
{
"type": "ipv4_address",
"value": "192.0.2.4"
}
]
},
"mode": "policy",
"name": "my-vpn-connection-2",
"peer": {
"address": "192.0.2.5",
"cidrs": [
"192.0.3.0/24"
],
"ike_identity": {
"type": "ipv4_address",
"value": "192.0.2.5"
},
"type": "address"
},
"psk": "lkj14b1oi0alcniejkso",
"resource_type": "vpn_gateway_connection",
"status": "down",
"status_reasons": []
}
]
}
获取 VPN 连接
以下示例使用 API V 2024-04-29
或更低版本来获取 VPN 连接。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
响应包含 peer_address
,local_cidrs
和 peer_cidrs
属性:
{
"admin_state_up": true,
"authentication_mode": "psk",
"created_at": "2018-12-13T19:40:12.124082Z",
"dead_peer_detection": {
"action": "none",
"interval": 15,
"timeout": 30
},
"href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
"id": "52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
"local_cidrs": [
"192.0.2.50/24"
],
"mode": "policy",
"name": "my-vpn-connection-1",
"peer_address": "192.0.2.5",
"peer_cidrs": [
"192.0.2.40/24"
],
"psk": "lkj14b1oi0alcniejkso",
"resource_type": "vpn_gateway_connection",
"status": "down",
"status_reasons": []
}
以下示例使用 API V 2024-04-30
或更高版本来获取 VPN 连接。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
响应包含 peer.address
,local.cidrs
和 peer.cidrs
属性:
{
"admin_state_up": true,
"authentication_mode": "psk",
"created_at": "2018-12-13T19:40:12.124082Z",
"dead_peer_detection": {
"action": "none",
"interval": 15,
"timeout": 30
},
"establish_mode": "bidirectional",
"href": "https://us-south.iaas.cloud.ibm.com/v1/vpn_gateways/a7d258d5-be1e-491d-83db-526d8d9a2ce9/connections/52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
"id": "52f69dc3-6a5c-4bcf-b264-e7fae279b15c",
"local": {
"cidrs": [
"192.0.2.0/24"
],
"ike_identities": [
{
"type": "ipv4_address",
"value": "192.0.2.4"
}
]
},
"mode": "policy",
"name": "my-vpn-connection-1",
"peer": {
"address": "192.0.2.5",
"cidrs": [
"192.0.3.0/24"
],
"ike_identity": {
"type": "ipv4_address",
"value": "192.0.2.5"
},
"type": "address"
},
"psk": "lkj14b1oi0alcniejkso",
"resource_type": "vpn_gateway_connection",
"status": "down",
"status_reasons": []
}
列出本地 CIDR
以下示例使用 API 版本 2024-04-29
或更低版本来列出本地 CIDR。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local_cidrs?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
响应具有 local_cidrs
属性:
{
"local_cidrs": [
"192.168.19.0/24"
]
}
以下示例使用 API 版本 2024-04-30
或更高版本来列出本地 CIDR。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local/cidrs?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
响应具有 cidrs
属性:
{
"cidrs": [
"192.168.19.0/24"
]
}
除去本地 CIDR
以下示例使用 API V 2024-04-29
或更低版本来除去本地 CIDR。
curl -X DELETE "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
以下示例使用 API V 2024-04-30
或更高版本来除去本地 CIDR。
curl -X DELETE "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
获取本地 CIDR
以下示例使用 API 版本 2024-04-29
或更低版本来获取本地 CIDR。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
成功响应代码为 204
。
以下示例使用 API 版本 2024-04-30
或更高版本来获取本地 CIDR。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
成功响应代码为 204
。
设置本地 CIDR
以下示例使用 API 版本 2024-04-29
或更低版本来设置本地 CIDR。
curl -X PUT "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
成功响应代码为 204
。
以下示例使用 API 版本 2024-04-30
或更高版本来设置本地 CIDR。
curl -X PUT "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/local/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
如果设置成功,那么响应代码为 201
; 如果 CIDR 已存在,那么响应代码为 204
。
列出同级 CIDR
以下示例使用 API 版本 2024-04-29
或更低版本来列出同级 CIDR。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer_cidrs?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
响应具有 peer_cidrs
属性:
{
"peer_cidrs": [
"192.0.2.40/24"
]
}
以下示例使用 API 版本 2024-04-30
或更高版本来列出同级 CIDR。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer/cidrs?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
响应具有 cidrs
属性:
{
"cidrs": [
"192.168.20.0/24"
]
}
除去同级 CIDR
以下示例使用 API V 2024-04-29
或更低版本来除去对等 CIDR。
curl -X DELETE "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
以下示例使用 API V 2024-04-30
或更高版本来除去同级 CIDR。
curl -X DELETE "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
获取同级 CIDR
以下示例使用 API V 2024-04-29
或更低版本来获取同级 CIDR。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
成功响应代码为 204
。
以下示例使用 API 版本 2024-04-30
或更高版本来获取同级 CIDR。
curl -X GET "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
成功响应代码为 204
。
设置对等 CIDR
以下示例使用 API V 2024-04-29
或更低版本来设置对等 CIDR。
curl -X PUT "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer_cidrs/$cidr_prefix/$prefix_length?version=2024-04-29&generation=2"
-H "Authorization: $iam_token"
成功响应代码为 204
。
以下示例使用 API 版本 2024-04-30
或更高版本来设置对等 CIDR。
curl -X PUT "$vpc_api_endpoint/v1/vpn_gateways/$vpn_gateway_id/connections/$id/peer/cidrs/$cidr?version=2024-04-30&generation=2"
-H "Authorization: $iam_token"
如果设置成功,那么响应代码为 201
; 如果 CIDR 已存在,那么响应代码为 204
。