Upload
others
View
21
Download
0
Embed Size (px)
Citation preview
Contents
1 API Calling..................................................................................................................................... 11.1 Service Usage................................................................................................................................................................. 11.2 Request Methods............................................................................................................................................................ 11.3 Request Authentication Methods....................................................................................................................................21.4 Token Authentication......................................................................................................................................................21.5 AK/SK Authentication................................................................................................................................................... 31.5.1 AK and SK Generation................................................................................................................................................31.5.2 Request Signing Procedure..........................................................................................................................................41.5.3 Sample Code................................................................................................................................................................41.6 Obtaining a Project ID..................................................................................................................................................12
2 Common Message Headers....................................................................................................... 132.1 Common Request Headers........................................................................................................................................... 132.2 Common Response Headers.........................................................................................................................................15
3 Virtual Private Cloud..................................................................................................................163.1 Creating a VPC.............................................................................................................................................................163.2 Querying VPC Details.................................................................................................................................................. 193.3 Querying VPCs.............................................................................................................................................................213.4 Updating VPC Information.......................................................................................................................................... 243.5 Deleting a VPC.............................................................................................................................................................27
4 Subnet............................................................................................................................................ 294.1 Creating a Subnet..........................................................................................................................................................294.2 Querying Subnet Details...............................................................................................................................................334.3 Querying Subnets......................................................................................................................................................... 364.4 Updating Subnet Information....................................................................................................................................... 394.5 Deleting a Subnet..........................................................................................................................................................42
5 Elastic IP Address........................................................................................................................ 455.1 Applying for an Elastic IP Address.............................................................................................................................. 455.2 Querying an Elastic IP Address....................................................................................................................................495.3 Querying Elastic IP Addresses..................................................................................................................................... 535.4 Binding or Unbinding an Elastic IP Address................................................................................................................565.5 Deleting an Elastic IP Address..................................................................................................................................... 59
Virtual Private CloudAPI Reference Contents
Issue 01 (2017-12-31) ii
6 Bandwidth.....................................................................................................................................626.1 Querying a Bandwidth..................................................................................................................................................626.2 Querying Bandwidths................................................................................................................................................... 656.3 Updating Bandwidth Information.................................................................................................................................69
7 Quota..............................................................................................................................................737.1 Querying Quotas...........................................................................................................................................................73
8 Private IP Address....................................................................................................................... 788.1 Applying for a Private IP Address................................................................................................................................788.2 Querying Private IP Address Details............................................................................................................................818.3 Querying Private IP Addresses.....................................................................................................................................848.4 Deleting a Private IP Address.......................................................................................................................................87
9 Security Group............................................................................................................................. 899.1 Creating a Security Group............................................................................................................................................ 899.2 Querying Security Group Details................................................................................................................................. 939.3 Querying Security Groups............................................................................................................................................ 979.4 Deleting a Security Group.......................................................................................................................................... 1029.5 Creating a Security Group Rule..................................................................................................................................1049.6 Querying Security Group Rule Details.......................................................................................................................1089.7 Querying Security Group Rules..................................................................................................................................1129.8 Deleting a Security Group Rule..................................................................................................................................116
10 Port..............................................................................................................................................11810.1 Creating a Port.......................................................................................................................................................... 11810.2 Querying a Port.........................................................................................................................................................12610.3 Querying Ports..........................................................................................................................................................13110.4 Updating a Port.........................................................................................................................................................13710.5 Deleting a Port.......................................................................................................................................................... 144
11 VPC Peering Connection........................................................................................................14611.1 Overview...................................................................................................................................................................14611.2 Querying VPC Peering Connections........................................................................................................................ 14711.3 Querying a VPC Peering Connection....................................................................................................................... 14911.4 Creating a VPC Peering Connection........................................................................................................................ 15211.5 Accepting a VPC Peering Connection......................................................................................................................15411.6 Refusing a VPC Peering Connection........................................................................................................................15611.7 Updating a VPC Peering Connection....................................................................................................................... 15911.8 Deleting a VPC Peering Connection........................................................................................................................ 161
12 VPC Route.................................................................................................................................16412.1 Overview.................................................................................................................................................................. 16412.2 Querying VPC Routes.............................................................................................................................................. 16512.3 Querying a VPC Route............................................................................................................................................. 16712.4 Creating a VPC Route.............................................................................................................................................. 169
Virtual Private CloudAPI Reference Contents
Issue 01 (2017-12-31) iii
12.5 Deleting a VPC Route.............................................................................................................................................. 171
13 Port (Native OpenStack API)................................................................................................ 17313.1 Overview.................................................................................................................................................................. 17313.2 Querying Ports..........................................................................................................................................................18213.3 Querying a Port.........................................................................................................................................................18913.4 Creating a Port.......................................................................................................................................................... 19113.5 Updating a Port.........................................................................................................................................................19413.6 Deleting a Port.......................................................................................................................................................... 197
14 Network (Native OpenStack API)........................................................................................19914.1 Overview.................................................................................................................................................................. 19914.2 Querying Networks...................................................................................................................................................20214.3 Querying Network Details........................................................................................................................................20514.4 Creating a Network...................................................................................................................................................20714.5 Updating a Network..................................................................................................................................................21014.6 Deleting a Network...................................................................................................................................................212
15 Subnet (Native OpenStack API)...........................................................................................21415.1 Overview.................................................................................................................................................................. 21415.2 Querying Subnets..................................................................................................................................................... 21815.3 Querying a Subnet.................................................................................................................................................... 22115.4 Creating a Subnet......................................................................................................................................................22315.5 Updating a Subnet.................................................................................................................................................... 22515.6 Deleting a Subnet......................................................................................................................................................228
16 Router (Native OpenStack API)........................................................................................... 23016.1 Overview.................................................................................................................................................................. 23016.2 Querying Routers......................................................................................................................................................23216.3 Querying a Router.................................................................................................................................................... 23516.4 Creating a Router......................................................................................................................................................23716.5 Updating a Router.....................................................................................................................................................23916.6 Deleting a Router......................................................................................................................................................24116.7 Adding an Interface to a Router............................................................................................................................... 24316.8 Removing an Interface from a Router...................................................................................................................... 245
17 Floating IP Address (Native OpenStack API)....................................................................24817.1 Overview.................................................................................................................................................................. 24817.2 Querying Floating IP Addresses...............................................................................................................................24917.3 Querying a Floating IP Address............................................................................................................................... 25117.4 Creating a Floating IP Address.................................................................................................................................25317.5 Updating a Floating IP Address................................................................................................................................25517.6 Deleting a Floating IP Address.................................................................................................................................258
18 Network ACL (Native OpenStack API).............................................................................. 26018.1 Overview.................................................................................................................................................................. 260
Virtual Private CloudAPI Reference Contents
Issue 01 (2017-12-31) iv
18.2 Querying Network ACL Rules................................................................................................................................. 26418.3 Querying a Network ACL Rule................................................................................................................................26718.4 Creating a Network ACL Rule................................................................................................................................. 26918.5 Updating a Network ACL Rule................................................................................................................................ 27118.6 Deleting a Network ACL Rule................................................................................................................................. 27418.7 Querying Network ACL Policies............................................................................................................................. 27518.8 Querying a Network ACL Policy............................................................................................................................. 27818.9 Creating a Network ACL Policy.............................................................................................................................. 28018.10 Updating a Network ACL Policy........................................................................................................................... 28218.11 Deleting a Network ACL Policy.............................................................................................................................28518.12 Inserting a Network ACL Rule...............................................................................................................................28618.13 Removing a Network ACL Rule from a Network ACL Policy............................................................................. 28918.14 Querying Network ACL Groups............................................................................................................................ 29218.15 Querying a Network ACL Group........................................................................................................................... 29418.16 Creating a Network ACL Group............................................................................................................................ 29618.17 Updating a Network ACL Group........................................................................................................................... 29918.18 Deleting a Network ACL Group............................................................................................................................ 301
19 Security Group (Native OpenStack API)............................................................................30419.1 Overview.................................................................................................................................................................. 30419.2 Querying Security Groups........................................................................................................................................ 30719.3 Querying a Security Group.......................................................................................................................................31019.4 Creating a Security Group........................................................................................................................................ 31219.5 Updating a Security Group....................................................................................................................................... 31519.6 Deleting a Security Group........................................................................................................................................ 31819.7 Querying Security Group Rules............................................................................................................................... 31919.8 Querying a Security Group Rule.............................................................................................................................. 32219.9 Creating a Security Group Rule................................................................................................................................32419.10 Deleting a Security Group Rule..............................................................................................................................327
A Appendix....................................................................................................................................329A.1 Error Codes................................................................................................................................................................329A.2 ICMP-Port Range Relationship Table....................................................................................................................... 340A.3 VPC Monitoring Metrics........................................................................................................................................... 341A.4 Pagination.................................................................................................................................................................. 342
B Change History..........................................................................................................................344
Virtual Private CloudAPI Reference Contents
Issue 01 (2017-12-31) v
1 API Calling
API requests sent by third-party applications to the public cloud service must be authenticatedusing signatures.
This chapter describes the overall method of using signatures and provides sample codes todetail how to use the default signer to sign requests and how to use an HTTP client to sendrequests.
1.1 Service UsagePublic cloud services provide RESTful APIs.
Representational State Transfer (REST) allocates Uniform Resource Identifiers (URIs) todispersed resources so that resources can be located. Applications on clients use UniformResource Locators (URLs) to obtain resources.
The URL is in the following format: https://Endpoint/uri
Table 1-1 describes the parameters in a URL.
Table 1-1 Parameter description
Parameter Description
Endpoint Specifies the URL that is the entry point for a web service. Obtainthe value from Regions and Endpoints.
URI Specifies the API access path for performing a specified operation.Obtain the value from the URI of the API, for example, v3/auth/tokens.
1.2 Request MethodsThe HTTP protocol defines request methods, such as GET, PUT, POST, DELETE, andPATCH, to indicate the desired action to be performed on the identified resource. Thefollowing table describes the HTTP methods supported by the RESTful APIs.
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 1
Table 1-2 HTTPS methods
Method Description
GET The GET method requests a representation of the specified resource.
PUT The PUT method requests that the enclosed entity be stored under thesupplied URI.
POST The POST method requests that the server accept the entity enclosed in therequest as a new subordinate of the web resource identified by the URI.
DELETE The DELETE method deletes the specified resource, for example, anobject.
PATCH The PATCH method applies partial modifications to a resource.If the resource does not exist, the PATCH method creates a resource.
1.3 Request Authentication MethodsYou can use either of the following two authentication methods to call APIs:
l Token authentication: Requests are authenticated using Tokens.l AK/SK authentication: Requests are encrypted using the access key (AK) and secret key
(SK) to provide higher security.
1.4 Token Authentication
ScenariosIf you use a token for authentication, you must obtain the user's token and add X-Auth-Tokento the request message header of the service API when making an API call.
This section describes how to make an API call for token authentication.
Make an API Call1. Send POST https://Endpoint of IAM/v3/auth/tokens to obtain the endpoint of IAM and
the region name in the message body.See Regions and Endpoints.An example request message is as follows:
NOTE
Replace the items in italic in the following example with actual ones. For details, see the Identityand Access Management API Reference.
{ "auth": { "identity": { "methods": [ "password" ], "password": { "user": {
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 2
"name": "username", "password": "password", "domain": { "name": "domainname" } } } }, "scope": { "project": { "id": "0215ef11e49d4743be23dd97a1561e91" //This ID is used as an example. } } }}
2. Obtain the token. For details, see section "Obtaining the User Token" in the Identity andAccess Management API Reference.
3. Make a call to a service API, add X-Auth-Token to the message header, and set thevalue of X-Auth-Token to the token obtained in step 2.
1.5 AK/SK AuthenticationWhen you use an API gateway to send requests to underlying services, the requests are signedusing the AK and SK.
NOTE
AK: indicates the ID of the access key. AK is used together with SK to obtain an encrypted signature fora request.
SK: indicates the secret access key together used with the access key ID to sign requests. AK and SKcan be used together to identify a request sender to prevent the request from being modified.
1.5.1 AK and SK Generation1. Log in to the management console.2. Click the username and select Basic Information from the drop-down list.3. On the displayed page, click Manage my credentials.
4. Click Access Credentials.5. Click Add Access Key to switch to the Add Access Key page.6. Enter the password used for the current login.7. Enter the authentication code received in the email or mobile phone.
NOTE
For users created in Identity and Access Management (IAM), if no email address or mobile phoneis filled during the user creation, you only need to authenticate the login password.
8. Click OK to download the access key.
NOTE
To prevent the access key from being leaked, keep it secure.
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 3
1.5.2 Request Signing Procedure
Preparations1. Download the API Gateway signature tool.
Download path: http://esdk.huawei.com/ilink/esdk/download/HW_4567062. Extract the package.3. Create a Java project, and reference the extracted JAR to the dependency path.
Sign a Request1. Create a request com.cloud.sdk.DefaultRequest (JAVA) used for signing.2. Set the target API URL, HTTPS method, and content of request
com.cloud.sdk.DefaultRequest (JAVA).3. Sign request com.cloud.sdk.DefaultRequest (JAVA).
a. Call SignerFactory.getSigner(String serviceName, String regionName) to obtaina signing tool.
b. Call Signer.sign(Request<?> request, Credentials credentials) to sign the requestcreated in step 1.The following code shows the details://Select an algorithm for request signing.Signer signer = SignerFactory.getSigner(serviceName, region);//Sign the request. The request will change after the signing.signer.sign(request, new BasicCredentials(this.ak, this.sk));
4. Convert the request signed in the previous step to a new request that can be used to makean API call and copy the header of the signed request to the new request.For example, if Apache HttpClient is used, convert DefaultRequest to HttpRequestBaseand copy the header of the signed DefaultRequest to HttpRequestBase.For details, see descriptions of AccessServiceImpl.java in section 1.5.3 Sample Code.
1.5.3 Sample CodeThe following three types of code show how to sign a request and how to use an HTTP clientto send an HTTPS request:
AccessService: indicates the abstract class that converts the GET, POST, PUT, and DELETEmethods in to the access method.
Demo: indicates the execution entry used to simulate GET, POST, PUT, and DELETE requestsending.
AccessServiceImpl: indicates the implementation of the access method. Code required forAPI gateway communication is in the access method.
For details about region and serviceName in the following code, see Regions andEndpoints.
AccessService.java:
package com.cloud.apigateway.sdk.demo;
import java.io.InputStream;import java.net.URL;
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 4
import java.util.Map;
import org.apache.http.HttpResponse;
import com.cloud.sdk.http.HttpMethodName;
public abstract class AccessService { protected String serviceName = null; protected String region = null; protected String ak = null; protected String sk = null; public AccessService(String serviceName, String region, String ak, String sk) { this.region = region; this.serviceName = serviceName; this.ak = ak; this.sk = sk; } public abstract HttpResponse access(URL url, Map<String, String> header, InputStream content, Long contentLength, HttpMethodName httpMethod) throws Exception; public HttpResponse access(URL url, Map<String, String> header, HttpMethodName httpMethod) throws Exception { return this.access(url, header, null, 0l, httpMethod); } public HttpResponse access(URL url, InputStream content, Long contentLength, HttpMethodName httpMethod) throws Exception { return this.access(url, null, content, contentLength, httpMethod); } public HttpResponse access(URL url, HttpMethodName httpMethod) throws Exception { return this.access(url, null, null, 0l, httpMethod); } public abstract void close(); public String getServiceName() { return serviceName; } public void setServiceName(String serviceName) { this.serviceName = serviceName; } public String getRegion() { return region; } public void setRegion(String region) { this.region = region; } public String getAk() { return ak; } public void setAk(String ak) { this.ak = ak; }
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 5
public String getSk() { return sk; } public void setSk(String sk) { this.sk = sk; } }
AccessServiceImpl.java:
package com.cloud.apigateway.sdk.demo;
import java.io.IOException;import java.io.InputStream;import java.net.URISyntaxException;import java.net.URL;import java.util.HashMap;import java.util.Map;
import javax.net.ssl.SSLContext;
import org.apache.http.Header;import org.apache.http.HttpHeaders;import org.apache.http.HttpResponse;import org.apache.http.client.methods.HttpDelete;import org.apache.http.client.methods.HttpGet;import org.apache.http.client.methods.HttpHead;import org.apache.http.client.methods.HttpPatch;import org.apache.http.client.methods.HttpPost;import org.apache.http.client.methods.HttpPut;import org.apache.http.client.methods.HttpRequestBase;import org.apache.http.conn.ssl.AllowAllHostnameVerifier;import org.apache.http.conn.ssl.SSLConnectionSocketFactory;import org.apache.http.conn.ssl.SSLContexts;import org.apache.http.conn.ssl.TrustSelfSignedStrategy;import org.apache.http.entity.InputStreamEntity;import org.apache.http.impl.client.CloseableHttpClient;import org.apache.http.impl.client.HttpClients;
import com.cloud.sdk.DefaultRequest;import com.cloud.sdk.Request;import com.cloud.sdk.auth.credentials.BasicCredentials;import com.cloud.sdk.auth.signer.Signer;import com.cloud.sdk.auth.signer.SignerFactory;import com.cloud.sdk.http.HttpMethodName;
public class AccessServiceImpl extends AccessService {
private CloseableHttpClient client = null;
public AccessServiceImpl(String serviceName, String region, String ak, String sk) { super(serviceName, region, ak, sk); }
/** {@inheritDoc} */
public HttpResponse access(URL url, Map<String, String> headers, InputStream content, Long contentLength, HttpMethodName httpMethod) throws Exception {
// Make a request for signing. Request request = new DefaultRequest(this.serviceName); try { // Set the request address. request.setEndpoint(url.toURI());
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 6
String urlString = url.toString();
String parameters = null;
if (urlString.contains("?")) { parameters = urlString.substring(urlString.indexOf("?") + 1); Map parametersmap = new HashMap<String, String>(); if (null != parameters && !"".equals(parameters)) { String[] parameterarray = parameters.split("&"); for (String p : parameterarray) { String key = p.split("=")[0]; String value = p.split("=")[1]; parametersmap.put(key, value); } request.setParameters(parametersmap); } }
} catch (URISyntaxException e) { // It is recommended to add logs in this place. e.printStackTrace(); } // Set the request method. request.setHttpMethod(httpMethod); if (headers != null) { // Add request header information if required. request.setHeaders(headers); } // Configure the request content. request.setContent(content);
// Select an algorithm for request signing. Signer signer = SignerFactory.getSigner(serviceName, region); // Sign the request, and the request will change after the signing. signer.sign(request, new BasicCredentials(this.ak, this.sk));
// Make a request that can be sent by the HTTP client. HttpRequestBase httpRequestBase = createRequest(url, null, request.getContent(), contentLength, httpMethod); Map<String, String> requestHeaders = request.getHeaders(); // Put the header of the signed request to the new request. for (String key : requestHeaders.keySet()) { if (key.equalsIgnoreCase(HttpHeaders.CONTENT_LENGTH.toString())) { continue; } httpRequestBase.addHeader(key, requestHeaders.get(key)); }
HttpResponse response = null; SSLContext sslContext = SSLContexts.custom() .loadTrustMaterial(null, new TrustSelfSignedStrategy()) .useTLS().build(); SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory( sslContext, new AllowAllHostnameVerifier());
client = HttpClients.custom().setSSLSocketFactory(sslSocketFactory) .build(); // Send the request, and a response will be returned. response = client.execute(httpRequestBase); return response; }
/** * Make a request that can be sent by the HTTP client. * * @param url
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 7
* specifies the API access path. * @param header * specifies the header information to be added. * @param content * specifies the body content to be sent in the API call. * @param contentLength * specifies the length of the content. This parameter is optional. * @param httpMethod * specifies the HTTP method to be used. * @return specifies the request that can be sent by an HTTP client. */ private static HttpRequestBase createRequest(URL url, Header header, InputStream content, Long contentLength, HttpMethodName httpMethod) {
HttpRequestBase httpRequest; if (httpMethod == HttpMethodName.POST) { HttpPost postMethod = new HttpPost(url.toString());
if (content != null) { InputStreamEntity entity = new InputStreamEntity(content, contentLength); postMethod.setEntity(entity); } httpRequest = postMethod; } else if (httpMethod == HttpMethodName.PUT) { HttpPut putMethod = new HttpPut(url.toString()); httpRequest = putMethod;
if (content != null) { InputStreamEntity entity = new InputStreamEntity(content, contentLength); putMethod.setEntity(entity); } } else if (httpMethod == HttpMethodName.PATCH) { HttpPatch patchMethod = new HttpPatch(url.toString()); httpRequest = patchMethod;
if (content != null) { InputStreamEntity entity = new InputStreamEntity(content, contentLength); patchMethod.setEntity(entity); } } else if (httpMethod == HttpMethodName.GET) { httpRequest = new HttpGet(url.toString()); } else if (httpMethod == HttpMethodName.DELETE) { httpRequest = new HttpDelete(url.toString()); } else if (httpMethod == HttpMethodName.HEAD) { httpRequest = new HttpHead(url.toString()); } else { throw new RuntimeException("Unknown HTTP method name: " + httpMethod); }
httpRequest.addHeader(header); return httpRequest; }
@Override public void close() { try { if (client != null) { client.close(); } } catch (IOException e) { // It is recommended to add logs in this place. e.printStackTrace(); } }
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 8
}
Demo.java:
package com.cloud.apigateway.sdk.demo;
import java.io.BufferedReader;import java.io.ByteArrayInputStream;import java.io.IOException;import java.io.InputStream;import java.io.InputStreamReader;import java.net.MalformedURLException;import java.net.URL;
import org.apache.http.HttpResponse;
import com.cloud.sdk.http.HttpMethodName;
public class Demo {
//replace real region private static final String region = "regionName";
//replace real service name private static final String serviceName = "serviceName";
public static void main(String[] args) {
//replace real AK String ak = "akString"; //replace real SK String sk = "skString";
// get method //replace real url String url = "urlString"; get(ak, sk, url);
// post method //replace real url String postUrl = "urlString"; //replace real body String postbody = "bodyString"; post(ak, sk, postUrl, postbody);
// put method //replace real body String putbody = "bodyString"; //replace real url String putUrl = "urlString"; put(ak, sk, putUrl, putbody);
// delete method //replace real url String deleteUrl = "urlString"; delete(ak, sk, deleteUrl); }
public static void put(String ak, String sk, String requestUrl, String putBody) {
AccessService accessService = null; try { accessService = new AccessServiceImpl(serviceName, region, ak, sk); URL url = new URL(requestUrl); HttpMethodName httpMethod = HttpMethodName.PUT;
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 9
InputStream content = new ByteArrayInputStream(putBody.getBytes()); HttpResponse response = accessService.access(url, content, (long) putBody.getBytes().length, httpMethod); System.out.println(response.getStatusLine().getStatusCode()); } catch (Exception e) { e.printStackTrace(); } finally { accessService.close(); }
} public static void patch(String ak, String sk, String requestUrl, String putBody) {
AccessService accessService = null; try { accessService = new AccessServiceImpl(serviceName, region, ak, sk); URL url = new URL(requestUrl); HttpMethodName httpMethod = HttpMethodName.PATCH; InputStream content = new ByteArrayInputStream(putBody.getBytes()); HttpResponse response = accessService.access(url, content, (long) putBody.getBytes().length, httpMethod); System.out.println(convertStreamToString(response.getEntity() .getContent())); } catch (Exception e) { e.printStackTrace(); } finally { accessService.close(); }
}
public static void delete(String ak, String sk, String requestUrl) {
AccessService accessService = null;
try { accessService = new AccessServiceImpl(serviceName, region, ak, sk); URL url = new URL(requestUrl); HttpMethodName httpMethod = HttpMethodName.DELETE;
HttpResponse response = accessService.access(url, httpMethod); System.out.println(convertStreamToString(response.getEntity() .getContent())); } catch (Exception e) { e.printStackTrace(); } finally { accessService.close(); }
}
public static void get(String ak, String sk, String requestUrl) {
AccessService accessService = null;
try { accessService = new AccessServiceImpl(serviceName, region, ak, sk); URL url = new URL(requestUrl); HttpMethodName httpMethod = HttpMethodName.GET; HttpResponse response; response = accessService.access(url, httpMethod); System.out.println(convertStreamToString(response.getEntity() .getContent()));
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 10
} catch (Exception e) { e.printStackTrace(); } finally { accessService.close(); }
}
public static void post(String ak, String sk, String requestUrl, String postbody) {
AccessService accessService = new AccessServiceImpl(serviceName, region, ak, sk); URL url = null; try { url = new URL(requestUrl); } catch (MalformedURLException e) { e.printStackTrace(); } InputStream content = new ByteArrayInputStream(postbody.getBytes()); HttpMethodName httpMethod = HttpMethodName.POST; HttpResponse response;
try { response = accessService.access(url, content, (long) postbody.getBytes().length, httpMethod); System.out.println(convertStreamToString(response.getEntity() .getContent())); } catch (Exception e) { e.printStackTrace(); } finally { accessService.close(); } }
private static String convertStreamToString(InputStream is) { BufferedReader reader = new BufferedReader(new InputStreamReader(is)); StringBuilder sb = new StringBuilder();
String line = null; try { while ((line = reader.readLine()) != null) { sb.append(line + "\n"); } } catch (IOException e) { e.printStackTrace(); } finally { try { is.close(); } catch (IOException e) { e.printStackTrace(); } }
return sb.toString(); }
}
NOTE
1. Parameters URI, AK, SK, and HTTP METHOD are mandatory.
2. You can use the request.addHeader() method to add header information.
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 11
1.6 Obtaining a Project IDA project ID is required for some URLs when an API is called. It can be project_id ortenant_id because project_id has the same meaning as tenant_id in this document. Beforecalling an API, you need to obtain a project ID on the console. The steps are as follows:
1. Log in to the management console.2. Click the username and select Basic Information from the drop-down list.3. On the displayed page, click Manage my credentials.
On the displayed page, view the project ID in the project list.
Figure 1-1 Viewing project IDs
Virtual Private CloudAPI Reference 1 API Calling
Issue 01 (2017-12-31) 12
2 Common Message Headers
This chapter describes common request and response REST message headers.
2.1 Common Request Headers
Table 2-1 Common request headers
Parameter Description Mandatory Example Value
x-sdk-date Specifies the timewhen the request issent. The time is inYYYYMMDD'T'HHMMSS'Z' format.The value is thecurrent GMT time ofthe system.
NoThis field ismandatory forAK/SKauthentication.
20150907T101459Z
Authorization Specifies theauthenticationinformation.The value can beobtained from therequest signingresult.For details, seesection 1.5.2Request SigningProcedure.
NoThis field ismandatory forAK/SKauthentication.
SDK-HMAC-SHA256Credential=ZIRRKMTWPTQFQI1WKNKB/20150907//ec2/sdk_request,SignedHeaders=content-type;host;x-sdk-date,Signature=55741b610f3c9fa3ae40b5a8021ebf7ebc2a28a603fc62d25cb3bfe6608e1994
Virtual Private CloudAPI Reference 2 Common Message Headers
Issue 01 (2017-12-31) 13
Parameter Description Mandatory Example Value
Host Specifies the serverdomain name andport number of theresources beingrequested. The valuecan be obtained fromthe URL of theservice API. Thevalue ishostname[:port]. Ifthe port number isnot specified, thedefault port is used.The default portnumber for https is443.
NoThis field ismandatory forAK/SKauthentication.
code.test.comorcode.test.com:443
Content-type Specifies the requestbody MIME type.You are advised touse the default valueapplication/json.For interfaces usedto upload objects orimages, the value canvary depending onthe flow type.
Yes application/json
Content-Length Specifies the lengthof the request body.The unit is byte.
No 3495
X-Project-Id Specifies the projectID. Obtain theproject ID byfollowing theinstructions insection 1.6Obtaining a ProjectID.This parameter ismandatory for arequest from a DeCor multi-project user.
NoThis field ismandatory forrequests thatuse AK/SKauthenticationin theDedicatedCloud (DeC)scenario ormulti-projectscenario.
e9993fc787d94b6c886cbaa340f9c0f4
Virtual Private CloudAPI Reference 2 Common Message Headers
Issue 01 (2017-12-31) 14
Parameter Description Mandatory Example Value
X-Auth-Token Specifies the usertoken.For details abouthow to obtain thetoken, see section"Obtaining the UserToken" in theIdentity and AccessManagement APIReference. After therequest is processed,the value of X-Subject-Token inthe message headeris the token value.
NoThis field ismandatory fortokenauthentication.
The following is part of anexample token:MIIPAgYJKoZIhvcNAQc-CoIIO8zCCDu8CAQExDTALBglghkgBZQMEAgEwgg1QBgkqhkiG9w0BBwGggg1BBIINPXsidG9rZ.
NOTE
For details about other parameters in the message header, see the HTTP protocol documentation.
2.2 Common Response Headers
Table 2-2 Common response headers
Name Description Example Value
Content-Length
Specifies the length of the response body.The unit is byte.
--
Date Specifies the GMT time when a requestresponse is returned.
Wed, 27 Dec 201606:49:46 GMT
Content-type Specifies the response body MIME type. application/json
Virtual Private CloudAPI Reference 2 Common Message Headers
Issue 01 (2017-12-31) 15
3 Virtual Private Cloud
3.1 Creating a VPC
FunctionThis interface is used to create a VPC.
URIl POST /v1/{tenant_id}/vpcsl Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
Requestl Parameter description
Name Mandatory Type Description
vpc Yes Dictionarydata structure
Specifies the VPC objects.
Descriptions of vpc fields
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 16
Name Mandatory Type Description
name No String Specifies the name of the VPC.The name must be unique for a tenant.The value is a string of no more than 64characters and can contain digits, letters,underscores (_), and hyphens (-).
cidr No String Specifies the range of available subnets in theVPC.The value must be in CIDR format, forexample, 192.168.0.0/16.The value ranges from 10.0.0.0/8 to10.255.255.0/24, 172.16.0.0/12 to172.31.255.0/24, or 192.168.0.0/16 to192.168.255.0/24.
l Example request{ "vpc": { "name": "vpc", "cidr": "192.168.0.0/16" } }
Responsel Parameter description
Name Mandatory Type Description
vpc Yes Dictionarydata structure
Specifies the VPC objects.
Descriptions of vpc fields
Name Mandatory Type Description
id Yes String Specifies a resource ID in UUID format.
name No String Specifies the name of the VPC.The name must be unique for a tenant.The value is a string of no more than 64characters and can contain digits, letters,underscores (_), and hyphens (-).
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 17
Name Mandatory Type Description
cidr No String Specifies the range of available subnets inthe VPC.The value must be in CIDR format, forexample, 192.168.0.0/16.The value ranges from 10.0.0.0/8 to10.255.255.0/24, 172.16.0.0/12 to172.31.255.0/24, or 192.168.0.0/16 to192.168.255.0/24.
status Yes String Specifies the status of the VPC.The value can be CREATING, OK,DOWN, PENDING_UPDATE,PENDING_DELETE, or ERROR.
l Example response{ "vpc": { "id": "99d9d709-8478-4b46-9f3f-2206b1023fd3", "name": "vpc", "cidr": "192.168.0.0/16", "status": "CREATING", }}
Returned Valuel Normal
200
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 18
Returned Value Description
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
3.2 Querying VPC Details
FunctionThis interface is used to query details about a VPC.
URIl GET /v1/{tenant_id}/vpcs/{vpc_id}l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
vpc_id Yes Specifies the VPC ID,which uniquely identifiesthe VPC.
Requestl Parameter description
Nonel Example request
None
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 19
Responsel Parameter description
Name Mandatory Type Description
vpc Yes Dictionarydata structure
Specifies the VPC objects.
Descriptions of vpc fields
Name Mandatory
Type Description
id Yes String Specifies a resource ID in UUID format.
name No String Specifies the VPC name.
cidr Yes String Specifies the range of available subnetsin the VPC.
status Yes String Specifies the status of the VPC.The value can be CREATING, OK,DOWN, PENDING_UPDATE,PENDING_DELETE, or ERROR.
l Example response
{ "vpc": { "id": "99d9d709-8478-4b46-9f3f-2206b1023fd3", "name": "vpc", "cidr": "192.168.0.0/16", "status": "OK",}}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 20
Returned Value Description
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
3.3 Querying VPCs
FunctionThis interface is used to query VPCs using search criteria and to display the VPCs in a list.
URIl GET /v1/{tenant_id}/vpcsl Example:
/v1/{tenant_id}/vpcs?limit=10&marker=13551d6b-755d-4757-b956-536f674975c0l Parameter description
Name Mandatory Type Description
tenant_id Yes String Specifies the tenant ID of the operator.
marker No String Specifies the resource ID of paginationquery. If the parameter is left blank, onlyresources on the first page are queried.
limit No int Specifies the number of records returnedon each page.The value ranges from 0 to intmax.
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 21
Requestl Parameter description
Nonel Example request
None
Responsel Parameter description
Name Mandatory Type Description
vpcs Yes List data structure Specifies the VPC list objects.
Descriptions of vpcs fields
Name Mandatory Type Description
id Yes String Specifies a resource ID in UUID format.
name No String Specifies the VPC name.
cidr Yes String Specifies the range of available subnets inthe VPC.
status Yes String Specifies the status of the VPC.The value can be CREATING, OK,DOWN, PENDING_UPDATE,PENDING_DELETE, or ERROR.
Descriptions of route fields
Name Mandatory Type Description
destination
Yes String Specifies the destination networksegment of a route.The value must be in the CIDR format.Currently, only the value 0.0.0.0/0 issupported.
nexthop Yes String Specifies the next hop of a route.The value must be an IP address andmust belong to the subnet in the VPC.Otherwise, this value does not take effect.
l Example response
{ "vpcs": [ { "id": "13551d6b-755d-4757-b956-536f674975c0",
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 22
"name": "default", "cidr": "172.16.0.0/16", "status": "OK", }, { "id": "3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85", "name": "222", "cidr": "192.168.0.0/16", "status": "OK", }, { "id": "99d9d709-8478-4b46-9f3f-2206b1023fd3", "name": "vpc", "cidr": "192.168.0.0/16", "status": "OK", } ]}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 23
Returned Value Description
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
3.4 Updating VPC Information
FunctionThis interface is used to update information about a VPC.
URIl PUT /v1/{tenant_id}/vpcs/{vpc_id}l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
vpc_id Yes Specifies the VPC ID,which uniquely identifiesthe VPC.
Requestl Parameter description
Name Mandatory Type Description
vpc Yes Dictionary datastructure
VPC object, which must containname or cidr
Descriptions of vpc fields
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 24
Name Mandatory
Type Description
name No String Specifies the name of the VPC.The name must be unique for a tenant.The value is a string of no more than 64characters and can contain digits, letters,underscores (_), and hyphens (-).If name is not specified, cidr must bespecified.
cidr No String Specifies the range of available subnets inthe VPC.The value must be in CIDR format, forexample, 192.168.0.0/16.The value ranges from 10.0.0.0/8 to10.255.255.0/24, 172.16.0.0/12 to172.31.255.0/24, or 192.168.0.0/16 to192.168.255.0/24.If cidr is not specified, name must bespecified.
l Example request
{"vpc": { "name": "vpc1", "cidr": "192.168.0.0/16" }}
Responsel Parameter description
Name Mandatory Type Description
vpc Yes Dictionary datastructure
Specifies the VPC objects.
Descriptions of vpc fields
Name Mandatory Type Description
id Yes String Specifies a resource ID in UUID format.
name Yes String Specifies the VPC name.
cidr Yes String Specifies the range of available subnets inthe VPC.
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 25
Name Mandatory Type Description
status Yes String Specifies the status of the VPC.The value can be CREATING, OK,DOWN, PENDING_UPDATE,PENDING_DELETE, or ERROR.
l Example response
{ "vpc": { "id": "99d9d709-8478-4b46-9f3f-2206b1023fd3", "name": "vpc1", "cidr": "192.168.0.0/16", "status": "OK", }}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 26
Returned Value Description
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
3.5 Deleting a VPC
Function
This interface is used to delete a VPC.
URIl DELETE /v1/{tenant_id}/vpcs/{vpc_id}l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
vpc_id Yes Specifies the VPC ID,which uniquely identifiesthe VPC.
Requestl Parameter description
Nonel Example request
None
Responsel Example response
None
Returned Valuel Normal
204l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 27
Returned Value Description
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 3 Virtual Private Cloud
Issue 01 (2017-12-31) 28
4 Subnet
4.1 Creating a Subnet
FunctionThis interface is used to create a subnet.
URIl POST /v1/{tenant_id}/subnetsl Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
Requestl Parameter description
Name Mandatory Type Description
subnet Yes Dictionary datastructure
Specifies the subnet objects.
Descriptions of subnet fields
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 29
Name Mandatory
Type Description
name Yes String Specifies the subnet name.The value is a string of 1 to 64characters that can contain letters,digits, underscores (_), and hyphens(-).
cidr Yes String Specifies the network segment onwhich the subnet resides.The value must be in CIDR format.The value must be within the CIDRblock of the VPC. The subnet maskcannot be greater than 28.
gateway_ip Yes String Specifies the gateway of the subnet.The value must be a valid IP address.The value must be an IP address in thesubnet segment.
dhcp_enable No Boolean Specifies whether the DHCP functionis enabled for the subnet.The value can be true or false.If this parameter is left blank, it is setto true by default.
primary_dns No String Specifies the IP address of DNSserver 1 on the subnet.The value must be a valid IP address.
secondary_dns No String Specifies the IP address of DNSserver 2 on the subnet.The value must be a valid IP address.
dnsList No List Specifies the DNS server address listof a subnet. This field is required ifyou need to use more than two DNSservers.This parameter value is the superset ofboth DNS server address 1 and DNSserver address 2.
availability_zone
No String Identifies the availability zone (AZ) towhich the subnet belongs.The value must be an existing AZ inthe system.
vpc_id Yes String Specifies the ID of the VPC to whichthe subnet belongs.
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 30
Name Mandatory
Type Description
port_security_enable
No String Specifies the operations can beperformed on security groups duringsubnet creation.This is a system default parameter.Users do not need to configure thisparameter.
l Example Request{ "subnet": { "name": "subnet", "cidr": "192.168.20.0/24", "gateway_ip": "192.168.20.1", "dhcp_enable": "true", "primary_dns": "114.114.114.114", "secondary_dns": "114.114.115.115", "dnsList": [ "114.114.114.114", "114.114.115.115" ], "availability_zone":"aa-bb-cc",//AZ aa-bb-cc is used as an example. "vpc_id":"3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85" }}
Responsel Parameter description
Name Mandatory Type Description
subnet Yes Dictionary datastructure
Specifies the subnet objects.
Descriptions of subnet fields
Name Mandatory Type Description
id Yes String Specifies a resource ID in UUIDformat.
name Yes String Specifies the subnet name.
cidr Yes String Specifies the subnet networksegment.
gateway_ip Yes String Specifies the subnet gatewayaddress.
dhcp_enable No Boolean Specifies whether the DHCPfunction is enabled for the subnet.
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 31
Name Mandatory Type Description
primary_dns No String Specifies the IP address of DNSserver 1 on the subnet.
secondary_dns No String Specifies the IP address of DNSserver 2 on the subnet.
dnsList No List Specifies the IP address list of DNSservers on the subnet.
availability_zone No String Identifies the AZ to which thesubnet belongs.
vpc_id Yes String Specifies the ID of the VPC towhich the subnet belongs.
status Yes String Specifies the status of the subnet.The value can be ACTIVE,DOWN, UNKNOWN, orERROR.
neutron_network_id
Yes String Specifies the network (NativeOpenStack API) ID.
neutron_subnet_id Yes String Specifies the subnet (NativeOpenStack API) ID.
l Example Response
{ "subnet": { "id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d", "name": "subnet", "cidr": "192.168.20.0/24", "dnsList": [ "114.114.114.114", "1114.114.115.115" ], "status": "UNKNOWN", "vpc_id": "3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85", "gateway_ip": "192.168.20.1", "dhcp_enable": true, "primary_dns": "114.114.114.114", "secondary_dns": "114.114.115.115", "availability_zone":"aa-bb-cc",//AZ aa-bb-cc is used as an example. "neutron_network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d", "neutron_subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12" }}
Returned Valuel Normal
200l Abnormal
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 32
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
4.2 Querying Subnet Details
FunctionThis interface is used to query details about a subnet.
URIl GET /v1/{tenant_id}/subnets/{subnet_id}l Parameter description
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 33
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
subnet_id Yes Specifies the subnet ID,which uniquely identifiesthe subnet.
Requestl Parameter description
None
l Example request
None
Responsel Parameter description
Name Mandatory Type Description
subnet Yes Dictionary datastructure
Specifies the subnet objects.
Descriptions of subnet fields
Name Mandatory Type Description
id Yes String Specifies a resource ID in UUIDformat.
name Yes String Specifies the subnet name.
cidr Yes String Specifies the subnet networksegment.
gateway_ip Yes String Specifies the subnet gatewayaddress.
dhcp_enable No Boolean Specifies whether the DHCPfunction is enabled for the subnet.
primary_dns No String Specifies the IP address of DNSserver 1 on the subnet.
secondary_dns No String Specifies the IP address of DNSserver 2 on the subnet.
dnsList No List Specifies the IP address list of DNSservers on the subnet.
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 34
Name Mandatory Type Description
availability_zone No String Identifies the AZ to which thesubnet belongs.
vpc_id Yes String Specifies the ID of the VPC towhich the subnet belongs.
status Yes String Specifies the status of the subnet.The value can be ACTIVE,DOWN, UNKNOWN, or ERROR.
neutron_network_id
Yes String Specifies the network (NativeOpenStack API) ID.
neutron_subnet_id Yes String Specifies the subnet (NativeOpenStack API) ID.
l Example response
{ "subnet": { "id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d", "name": "subnet", "cidr": "192.168.20.0/24", "dnsList": [ "114.114.114.114", "114.114.115.115" ], "status": "ACTIVE", "vpc_id": "3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85", "gateway_ip": "192.168.20.1", "dhcp_enable": true, "primary_dns": "114.114.114.114", "secondary_dns": "114.114.115.115", "availability_zone": "aa-bb-cc"//AZ aa-bb-cc is used as an example. "neutron_network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d", "neutron_subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12" }}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 35
Returned Value Description
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
4.3 Querying Subnets
FunctionThis interface is used to query subnets using search criteria and to display the subnets in a list.
URIl GET /v1/{tenant_id}/subnetsl Example:
/v1/{tenant_id}/subnets?limit=10&marker=4779ab1c-7c1a-44b1-a02e-93dfc361b32d&vpc_id=3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85
l Parameter description
Name Mandatory Type Description
tenant_id Yes String Specifies the tenant ID of the operator.
marker No String Specifies the resource ID of paginationquery. If the parameter is left blank,only resources on the first page arequeried.
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 36
Name Mandatory Type Description
limit No String Specifies the number of recordsreturned on each page.The value ranges from 0 to intmax.
vpc_id No String Specifies the VPC ID used as the queryfilter.
Requestl Parameter description
Nonel Example request
None
Responsel Parameter description
Name Mandatory Type Description
subnets Yes List datastructure
Specifies the subnet list objects.
Descriptions of subnets fields
Name Mandatory Type Description
id Yes String Specifies a resource ID in UUIDformat.
name Yes String Specifies the subnet name.
cidr Yes String Specifies the subnet network segment.
gateway_ip Yes String Specifies the subnet gateway address.
dhcp_enable No Boolean Specifies whether the DHCP functionis enabled for the subnet.
primary_dns No String Specifies the IP address of DNS server1 on the subnet.
secondary_dns No String Specifies the IP address of DNS server2 on the subnet.
dnsList No List Specifies the IP address list of DNSservers on the subnet.
availability_zone No String Identifies the AZ to which the subnetbelongs.
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 37
Name Mandatory Type Description
vpc_id Yes String Specifies the ID of the VPC to whichthe subnet belongs.
status Yes String Specifies the status of the subnet.The value can be ACTIVE, DOWN,UNKNOWN, or ERROR.
neutron_network_id
Yes String Specifies the network (NativeOpenStack API) ID.
neutron_subnet_id
Yes String Specifies the subnet (NativeOpenStack API) ID.
l Example response{ "subnets": [ { "id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d", "name": "subnet", "cidr": "192.168.20.0/24", "dnsList": [ "114.114.114.114", "114.114.115.115" ], "status": "ACTIVE", "vpc_id": "3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85", "gateway_ip": "192.168.20.1", "dhcp_enable": true, "primary_dns": "114.114.114.114", "secondary_dns": "114.114.115.115", "availability_zone": "aa-bb-cc"//AZ aa-bb-cc is used as an example. "neutron_network_id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d", "neutron_subnet_id": "213cb9d-3122-2ac1-1a29-91ffc1231a12"
}, { "id": "531dec0f-3116-411b-a21b-e612e42349fd", "name": "Subnet1", "cidr": "192.168.1.0/24", "dnsList": [ "114.114.114.114", "114.114.115.115" ], "status": "ACTIVE", "vpc_id": "3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85", "gateway_ip": "192.168.1.1", "dhcp_enable": true, "primary_dns": "114.114.114.114", "secondary_dns": "114.114.115.115", "availability_zone": "aa-bb-cc"//AZ aa-bb-cc is used as an example. "neutron_network_id": "531dec0f-3116-411b-a21b-e612e42349fd", "neutron_subnet_id": "1aac193-a2ad-f153-d122-12d64c2c1d78" } ]}
Returned Valuel Normal
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 38
200
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
4.4 Updating Subnet Information
Function
This interface is used to update information about a subnet.
URIl PUT /v1/{tenant_id}/vpcs/{vpc_id}/subnets/{subnet_id}
l Parameter description
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 39
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
vpc_id Yes Specifies the ID of thesubnet VPC.
subnet_id Yes Specifies the subnet ID,which uniquely identifiesthe subnet.
Requestl Parameter description
Name Mandatory Type Description
subnet Yes Dictionary datastructure
Specifies the subnet objects.
Descriptions of subnet fields
Name Mandatory Type Description
name Yes String Specifies the subnet name.The value is a string of 1 to 64characters that can contain letters,digits, underscores (_), and hyphens(-).
dhcp_enable No Boolean Specifies whether the DHCPfunction is enabled for the subnet.The value can be true or false.If this parameter is left blank, it isset to true by default.
primary_dns No String Specifies the IP address of DNSserver 1 on the subnet.The value must be a valid IPaddress.
secondary_dns No String Specifies the IP address of DNSserver 2 on the subnet.The value must be a valid IPaddress.
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 40
Name Mandatory Type Description
dnsList No List Specifies the DNS server address listof a subnet. This field is required ifyou need to use more than two DNSservers.This parameter value is the supersetof both DNS server address 1 andDNS server address 2.
l Example request
{ "subnet": { "name": "subnetqq", "dhcp_enable": "false", "primary_dns": "114.114.114.115", "secondary_dns": "114.114.115.116" }}
Responsel Parameter description
Name Mandatory Type Description
subnet Yes Dictionary datastructure
Specifies the subnet objects.
Descriptions of subnet fields
Name Mandatory Type Description
id Yes String Specifies a resource ID in UUIDformat.
status Yes String Specifies the status of the subnet.The value can be ACTIVE,DOWN, UNKNOWN, or ERROR.
l Example response{ "subnet": { "id": "4779ab1c-7c1a-44b1-a02e-93dfc361b32d", "status": "ACTIVE" }}
Returned Valuel Normal
200
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 41
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
4.5 Deleting a Subnet
FunctionThis interface is used to delete a subnet.
URIl DELETE /v1/{tenant_id}/vpcs/{vpc_id}/subnets/{subnet_id}l Parameter description
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 42
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
vpc_id Yes Specifies the ID of thesubnet VPC.
subnet_id Yes Specifies the subnet ID,which uniquely identifiesthe subnet.
Requestl Parameter description
None
l Example request
None
Response
Example responseNone
Returned Valuel Normal
204
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 43
Returned Value Description
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 4 Subnet
Issue 01 (2017-12-31) 44
5 Elastic IP Address
5.1 Applying for an Elastic IP Address
FunctionThis interface is used to apply for an elastic IP address.
URIl POST /v1/{tenant_id}/publicipsl Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
Requestl Parameter description
Name Mandatory Type Description
publicip Yes Dictionarydata structure
Specifies the elastic IP address objects.
bandwidth
Yes Dictionarydata structure
Specifies the bandwidth objects.
Descriptions of publicip fields
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 45
Name Mandatory Type Description
type Yes String Specifies the type of theelastic IP address. Thevalue can the 5_telcom,5_union, 5_bgp, or5_sbgp.The value must be atype supported by thesystem..
ip_address No String Specifies the elastic IPaddress to be obtained.The value must be avalid IP address in theavailable IP addresssegment.
Descriptions of bandwidth fields
Name Mandatory Type Description
name No String Specifies the bandwidthname.The value is a string of 1to 64 characters that cancontain letters, digits,underscores (_), andhyphens (-).This parameter ismandatory whenshare_type is set toPER and is optionalwhen share_type is setto WHOLE with an IDspecified.
size No int Specifies the bandwidthsize.The value ranges from 1Mbit/s to 300 Mbit/s.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 46
Name Mandatory Type Description
id No String Specifies the ID of thebandwidth. You canspecify an earlier sharedbandwidth whenapplying for an elasticIP address for thebandwidth whose type isset to WHOLE.The bandwidth whosetype is set to WHOLEexclusively uses its ownID.The value can be the IDof the bandwidth whosetype is set to WHOLE.
share_type Yes String Specifies whether thebandwidth is shared orexclusive.The value can be PERor WHOLE.
charge_mode No String Specifies the chargingmode (by traffic or bybandwidth).The default value istraffic. Currently, EIPscan only be charged bytraffic.
l Example request
{ "publicip": { "type": "5_bgp" }, "bandwidth": { "name": "bandwidth123", "size": 10, "share_type": "PER" }}
Responsel Parameter description
Name Mandatory Type Description
publicip Yes Dictionarydata structure
Specifies the elastic IP address objects.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 47
Descriptions of publicip fields
Name Mandatory Type Description
id Yes String Specifies the ID of theelastic IP address, whichuniquely identifies theelastic IP address.
status Yes String Specifies the status ofthe elastic IP address.The value can beFREEZED,BIND_ERROR,BINDING,PENDING_DELETE,PENDING_CREATE,NOTIFYING,NOTIFY_DELETE,PENDING_UPDATE,DOWN, ACTIVE,ELB, or ERROR.
type Yes String Specifies the type of theelastic IP address.
public_ip_address Yes String Specifies the obtainedelastic IP address.
tenant_id Yes String Specifies the tenant IDof the operator.
create_time Yes String Specifies the time forapplying for the elasticIP address.
bandwidth _size Yes int Specifies the bandwidthsize.
l Example response{ "publicip": { "id": "f588ccfa-8750-4d7c-bf5d-2ede24414706", "status": "PENDING_CREATE", "type": "5_bgp", "public_ip_address": "161.17.101.7", "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "create_time": "2015-07-16 04:10:52", "bandwidth_size": 0 }}
Returned Valuel Normal
200
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 48
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
5.2 Querying an Elastic IP Address
FunctionThis interface is used to query details about an elastic IP address.
URIl GET /v1/{tenant_id}/publicips/{publicip_id}l Parameter description
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 49
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
publicip _id Yes Specifies the ID of theelastic IP address, whichuniquely identifies theelastic IP address.
Requestl Parameter description
None
l Example Request
None
Responsel Parameter description
Name Mandatory Type Description
publicip Yes Dictionary datastructure
Specifies the elastic IP addressobjects.
Descriptions of publicip fields
Name Mandatory Type Description
id Yes String Specifies the ID of theelastic IP address, whichuniquely identifies theelastic IP address.
status Yes String Specifies the status ofthe elastic IP address.The value can beFREEZED,BIND_ERROR,BINDING,PENDING_DELETE,PENDING_CREATE,NOTIFYING,NOTIFY_DELETE,PENDING_UPDATE,DOWN, ACTIVE,ELB, or ERROR.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 50
Name Mandatory Type Description
type Yes String Specifies the type of theelastic IP address.
public_ip_address Yes String Specifies the obtainedelastic IP address.
private_ip_address No String Specifies the private IPaddress bound to theelastic IP address.The parameter isreturned only when theprivate IP address isbound to the elastic IPaddress.
port_id No String Specifies the port ID.The parameter isreturned only when theprivate IP address isbound to the elastic IPaddress.
tenant_id Yes String Specifies the tenant IDof the operator.
create_time Yes String Specifies the time forapplying for the elasticIP address.
bandwidth_id Yes String Specifies the bandwidthID of the elastic IPaddress.
bandwidth _size Yes int Specifies the bandwidthsize.
bandwidth_share_type Yes String Specifies whether thebandwidth is shared orexclusive.
bandwidth_name Yes String Specifies the bandwidthname.
l Example Response{ "publicip": { "id": "2ec9b78d-9368-46f3-8f29-d1a95622a568", "status": "DOWN", "type": "5_bgp", "public_ip_address": "161.17.101.12", "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "private_ip_address": "192.168.10.5", "create_time": "2015-07-16 04:32:50", "bandwidth_id": "49c8825b-bed9-46ff-9416-704b96d876a2",
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 51
"bandwidth_share_type": "PER", "bandwidth_size": 10, "bandwidth_name": "bandwidth-test" }}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 52
5.3 Querying Elastic IP Addresses
Function
This interface is used to query elastic IP addresses using search criteria and to display theelastic IP addresses in a list.
URIl GET /v1/{tenant_id}/publicipsl Example:
/v1/{tenant_id}/publicips?limit=10&marker=4779ab1c-7c1a-44b1-a02e-93dfc361b32dl Parameter description
Name Mandatory Type Description
tenant_id Yes String Specifies the tenant IDof the operator.
marker No String Specifies the resourceID of pagination query.If the parameter is leftblank, only resources onthe first page arequeried.
limit No int Specifies the number ofrecords returned on eachpage. The value rangesfrom 0 to intmax.
Requestl Parameter description
Nonel Example request
None
Responsel Parameter description
Name Mandatory Type Description
publicips Yes List datastructure
Specifies the elastic IP address listobjects.
Descriptions of publicips fields
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 53
Name Mandatory
Type Description
id Yes String Specifies the ID of theelastic IP address, whichuniquely identifies theelastic IP address.
status Yes String Specifies the status ofthe elastic IP address.The value can beFREEZED,BIND_ERROR,BINDING,PENDING_DELETE,PENDING_CREATE,NOTIFYING,NOTIFY_DELETE,PENDING_UPDATE,DOWN, ACTIVE,ELB, ERROR, orUNKNOWN.
type Yes String Specifies the type of theelastic IP address.
public_ip_address Yes String Specifies the obtainedelastic IP address.
private_ip_address No String Specifies the private IPaddress bound to theelastic IP address.The parameter isreturned only when theprivate IP address isbound to the elastic IPaddress.
port_id No String Specifies the port ID.The parameter isreturned only when theprivate IP address isbound to the elastic IPaddress.
tenant_id Yes String Specifies the tenant IDof the operator.
create_time Yes String Specifies the time forapplying for the elasticIP address.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 54
Name Mandatory
Type Description
bandwidth_id Yes String Specifies the bandwidthID of the elastic IPaddress.
bandwidth _size Yes int Specifies the bandwidthsize.
bandwidth_share_type Yes String Specifies whether thebandwidth is shared orexclusive.
bandwidth_name Yes String Specifies the bandwidthname.
l Example response
{ "publicips": [ { "id": "6285e7be-fd9f-497c-bc2d-dd0bdea6efe0", "status": "DOWN", "type": "5_bgp", "public_ip_address": "161.17.101.9", "private_ip_address": "192.168.10.5", "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "create_time": "2015-07-16 04:22:32", "bandwidth_id": "3fa5b383-5a73-4dcb-a314-c6128546d855", "bandwidth_share_type": "PER", "bandwidth_size": 5, "bandwidth_name": "bandwidth-test" }, { "id": "80d5b82e-43b9-4f82-809a-37bec5793bd4", "status": "DOWN", "type": "5_bgp", "public_ip_address": "161.17.101.10", "private_ip_address": "192.168.10.6", "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "create_time": "2015-07-16 04:23:03", "bandwidth_id": "a79fd11a-047b-4f5b-8f12-99c178cc780a", "bandwidth_share_type": "PER", "bandwidth_size": 5, "bandwidth_name": "bandwidth-test1"
} ]}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 55
Returned Value Description
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
5.4 Binding or Unbinding an Elastic IP Address
Function
This interface is used to bind an elastic IP address to a NIC or unbind an elastic IP addressfrom a NIC.
URIl PUT /v1/{tenant_id}/publicips/{publicip_id}l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 56
Name Mandatory Description
publicip _id Yes Specifies the ID of theelastic IP address, whichuniquely identifies theelastic IP address.
Requestl Parameter description
Name Mandatory Type Description
publicip Yes Dictionary datastructure
Specifies the elastic IP address objects.
Descriptions of publicip fields
Name Mandatory Type Description
port_id No String Specifies the port ID.Constraints: The valuemust be an existing portID. If this parameter isnot included or theparameter value is leftblank, the elastic IPaddress is unbound. Ifthe specified port IDdoes not exist or hasbeen bound to an elasticIP address, an errormessage will bedisplayed.
l Example request
{ "publicip": { "port_id": "f588ccfa-8750-4d7c-bf5d-2ede24414706" }}
Responsel Parameter description
Name Mandatory Type Description
publicip
Yes Dictionary datastructure
Specifies the elastic IP address objects.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 57
Descriptions of publicip fields
Name Mandatory Type Description
id Yes String Specifies the ID of theelastic IP address, whichuniquely identifies theelastic IP address.
status Yes String Specifies the status ofthe elastic IP address.The value can beFREEZED,BIND_ERROR,BINDING,PENDING_DELETE,PENDING_CREATE,NOTIFYING,NOTIFY_DELETE,PENDING_UPDATE,DOWN, ACTIVE,ELB, or ERROR.
type Yes String Specifies the type of theelastic IP address.
public_ip_address Yes String Specifies the obtainedelastic IP address.
port_id No String Specifies the port ID.
tenant_id Yes String Specifies the tenant IDof the operator.
create_time Yes String Specifies the time forapplying for the elasticIP address.
bandwidth _size Yes int Specifies the bandwidthsize.
l Example response
{ "publicip": { "id": "f588ccfa-8750-4d7c-bf5d-2ede24414706", "status": "PENDING_UPDATE", "type": "5_bgp", "public_ip_address": "161.17.101.7", "port_id": "f588ccfa-8750-4d7c-bf5d-2ede24414706", "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "create_time": "2015-07-16 04:10:52", "bandwidth_size": 6 }}
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 58
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
5.5 Deleting an Elastic IP Address
FunctionThis interface is used to delete an elastic IP address.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 59
URIl DELETE /v1/{tenant_id}/publicips/{publicip_id}l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
publicip _id Yes Specifies the ID of theelastic IP address, whichuniquely identifies theelastic IP address.
Requestl Parameter description
Nonel Example request
None
Responsel Example response
None
Returned Valuel Normal
204l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 60
Returned Value Description
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 5 Elastic IP Address
Issue 01 (2017-12-31) 61
6 Bandwidth
6.1 Querying a Bandwidth
FunctionThis interface is used to query details about a bandwidth.
URIl GET /v1/{tenant_id}/bandwidths/{bandwidth_id}l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
bandwidth_id Yes Specifies the bandwidthID, which uniquelyidentifies the bandwidth.
Requestl Parameter description
Nonel Example request
None
Responsel Parameter description
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 62
Name Mandatory Type Description
bandwidth Yes Dictionary datastructure
Specifies the bandwidth objects.
Descriptions of bandwidth fields
Name Mandatory Type Description
name Yes String Specifies the bandwidth name.The value is a string of 1 to 64characters that can contain letters,digits, underscores (_), and hyphens(-).
size Yes int Specifies the bandwidth size.The value ranges from 1 Mbit/s to300 Mbit/s.
id Yes String Specifies the bandwidth ID, whichuniquely identifies the bandwidth.
share_type Yes String Specifies whether the bandwidth isshared or exclusive.The value can be PER or WHOLE.
publicip_info Yes Dictionarydatastructure
Specifies the elastic IP address ofthe bandwidth.The bandwidth, whose type is set toWHOLE, supports up to 20 elasticIP addresses. The bandwidth, whosetype is set to PER, supports onlyone elastic IP address.
tenant_id Yes String Specifies the tenant ID of the user.
bandwidth_type
Yes String Specifies the bandwidth type.The value can be bgp, union,double, or telcom.
charge_mode No String The default value is traffic.Currently, EIPs can only be chargedby traffic.
publicip_info object
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 63
Name Mandatory Type Description
publicip_id Yes String Specifies the ID of the elastic IPaddress, which uniquely identifiesthe elastic IP address.
publicip_address Yes String Specifies the elastic IP address.
publicip_type Yes String Specifies the elastic IP addresstype.The value can be 5_telcom,5_union, or 5_bgp.
l Example response{ "bandwidth": { "id": "3fa5b383-5a73-4dcb-a314-c6128546d855", "name": "2222", "size": 5, "share_type": "PER", "publicip_info": [ { "publicip_id": "6285e7be-fd9f-497c-bc2d-dd0bdea6efe0", "publicip_address": "161.17.101.9", "publicip_type": "5_bgp" } ], "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "bandwidth_type": "bgp" }}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 64
Returned Value Description
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
6.2 Querying Bandwidths
Function
This interface is used to query bandwidths using search criteria and to display the bandwidthsin a list.
URIl GET /v1/{tenant_id}/bandwidthsl Example:
/v1/{tenant_id}/bandwidths?limit=10&marker=4779ab1c-7c1a-44b1-a02e-93dfc361b32d
l Parameter description
Name Mandatory Type Description
tenant_id Yes String Specifies the tenant ID of theoperator.
marker No String Specifies the resource ID ofpagination query. If the parameter isleft blank, only resources on the firstpage are queried.
limit No int Specifies the number of recordsreturned on each page.The value ranges from 0 to intmax.
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 65
Requestl Parameter description
Nonel Example request
None
Responsel Parameter description
Name Mandatory
Type Description
bandwidths
Yes List datastructure
Specifies the bandwidth list objects.
Descriptions of bandwidths fields
Name Mandatory
Type Description
name Yes String Specifies the bandwidth name.
size Yes int Specifies the bandwidth size.
id Yes String Specifies the bandwidth ID, whichuniquely identifies the bandwidth.
share_type Yes String Specifies whether the bandwidth isshared or exclusive.The value can be PER orWHOLE.
publicip_info Yes Dictionarydata structure
Specifies the elastic IP address ofthe bandwidth.The bandwidth, whose type is setto WHOLE, supports up to 20elastic IP addresses. Thebandwidth, whose type is set toPER, supports only one elastic IPaddress.
tenant_id Yes String Specifies the tenant ID of the user.
bandwidth_type Yes String Specifies the bandwidth type.The value can be bgp, union,double, or telcom.
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 66
Name Mandatory
Type Description
charge_mode No String The default value is traffic.Currently, EIPs can only becharged by traffic.
publicip_info object
Name Mandatory Type Description
publicip_id Yes String Specifies the ID of the elastic IPaddress, which uniquely identifiesthe elastic IP address.
publicip_address
Yes String Specifies the elastic IP address.
publicip_type Yes String Specifies the type of the elastic IPaddress.
l Example response
{ "bandwidths": [ { "id": "a79fd11a-047b-4f5b-8f12-99c178cc780a", "name": "ddddd", "size": 5, "share_type": "PER", "publicip_info": [ { "publicip_id": "80d5b82e-43b9-4f82-809a-37bec5793bd4", "publicip_address": "161.17.101.10", "publicip_type": "5_bgp" } ], "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "bandwidth_type": "bgp" }, { "id": "3fa5b383-5a73-4dcb-a314-c6128546d855", "name": "22212", "size": 6, "share_type": "PER", "publicip_info": [ { "publicip_id": "6285e7be-fd9f-497c-bc2d-dd0bdea6efe0", "publicip_address": "161.17.101.9", "publicip_type": "5_bgp" } ], "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "bandwidth_type": "bgp" }, { "id": "f54e0df7-422d-4ab6-8d65-fd436151479c", "name": "2222", "size": 5, "share_type": "PER", "publicip_info": [
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 67
{ "publicip_id": "4ca21961-8e52-4ff4-b9c5-af2dcc2c7b50", "publicip_address": "161.17.102.13", "publicip_type": "5_bgp" } ], "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "bandwidth_type": "bgp" } ]}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 68
6.3 Updating Bandwidth Information
FunctionThis interface is used to update information about a bandwidth.
URIl PUT /v1/{tenant_id}/bandwidths/{bandwidth_id}l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
bandwidth _id Yes Specifies the bandwidthID, which uniquelyidentifies the bandwidth.
Requestl Parameter description
Name Mandatory Type Description
bandwidth Yes Dictionary datastructure
Specifies the bandwidth objects.
Descriptions of bandwidth fields
Name Mandatory
Type Description
name No String Specifies the bandwidth name.At least one in parameter name or parametersize must be set.The value is a string of 1 to 64 characters thatcan contain letters, digits, underscores (_), andhyphens (-). If the value is left blank, thename of the bandwidth is not changed.
size No int Specifies the bandwidth size.Either parameter size or name must be set.The value ranges from 1 Mbit/s to 300 Mbit/s.If the parameter is not included, the bandwidthsize is not changed.
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 69
l Example request{ "bandwidth": {"name": "bandwidth123", "size": 10 }}
Responsel Parameter description
Name Mandatory Type Description
bandwidth Yes Dictionarydatastructure
Specifies the bandwidth objects.
Descriptions of bandwidth fields
Name Mandatory Type Description
name Yes String Specifies the bandwidth name.
size Yes int Specifies the bandwidth size.
id Yes String Specifies the bandwidth ID, whichuniquely identifies the bandwidth.
share_type Yes String Specifies whether the bandwidth isshared or exclusive.The value can be PER or WHOLE.
publicip_info Yes Dictionary datastructure
Specifies the elastic IP address of thebandwidth.The bandwidth, whose type is set toWHOLE, supports up to 20 elastic IPaddresses. The bandwidth, whose typeis set to PER, supports only oneelastic IP address.
tenant_id Yes String Specifies the tenant ID of the user.
bandwidth_type
Yes String Specifies the type of the bandwidth.
charge_mode No String The default value is traffic. Currently,EIPs can only be charged by traffic.
publicip_info object
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 70
Name Mandatory Type Description
publicip_id Yes String Specifies the ID of the elastic IPaddress, which uniquely identifies theelastic IP address.
publicip_address
Yes String Specifies the elastic IP address.
publicip_type Yes String Specifies the type of the elastic IPaddress.
l Example response{ "bandwidth": { "id": "3fa5b383-5a73-4dcb-a314-c6128546d855", "name": "bandwidth123", "size": 10, "share_type": "PER", "publicip_info": [ { "publicip_id": "6285e7be-fd9f-497c-bc2d-dd0bdea6efe0", "publicip_address": "161.17.101.9", "publicip_type": "5_bgp" } ], "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "bandwidth_type": "bgp" }}
Returned Valuel Normal
200
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 71
Returned Value Description
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 6 Bandwidth
Issue 01 (2017-12-31) 72
7 Quota
7.1 Querying Quotas
Function
This interface is used to query network resource quotas for the VPC service of a tenant. Thenetwork resources include VPCs, subnets, security groups, security group rules, elastic IPaddresses, and VPNs.
URIl GET /v1/{tenant_id}/quotasl Example:
/v1/{tenant_id}/quotas?type=vpcl Parameter description
Name Mandatory
Type Description
tenant_id Yes String Specifies the tenant ID of theoperator.
type No String Specifies the resource type.The value can be vpc, subnet,securityGroup, securityGroupRule,publicIp, vpn, physicalConnect,virtualInterface, vpcPeer,loadbalancer, listener, firewall, orshareBandwidthIP.
Requestl Parameter description
Nonel Example request
Virtual Private CloudAPI Reference 7 Quota
Issue 01 (2017-12-31) 73
None
Responsel Parameter description
Name Mandatory Type Description
quotas Yes List datastructure
Specifies the quota list objects.
Descriptions of quotas fields
Name Mandatory Type Description
resources Yes List datastructure
Specifies the resource list objects.
Descriptions of resources fields
Name Mandatory Type Description
type Yes String Specifies the resource type.The value can be vpc, subnet,securityGroup, securityGroupRule,publicIp, vpn, physicalConnect,virtualInterface, vpcPeer, loadbalancer,listener, firewall, or shareBandwidthIP.
used Yes int Specifies the number of created networkresources.The value ranges from 0 to the value ofquota.
Virtual Private CloudAPI Reference 7 Quota
Issue 01 (2017-12-31) 74
Name Mandatory Type Description
quota Yes int Specifies the maximum quota values forthe resources.The quotas can be changed only in theFusionSphere OpenStack system. If it isleft blank, -1 is displayed and theresources cannot be created.The default quotas for different resourcesare as follows:l VPC: 2l Subnet: 100l Security group: 100l Security group rule: 5000l Elastic IP address: 10l VPN: 5l Physical connection: 10l Virtual interface: 50l Load balancer: 10l Listener: 10l VPC peering connection: 50l Firewall: 200l IP address with shared bandwidth: 20The value ranges from the default quotavalue to the maximum quota value.
min Yes int Specifies the minimum quota valueallowed.
l Example response
{ "quotas": { "resources": [ { "type": "vpc", "used": 4, "quota": 150, "min": 0 }, { "type": "subnet", "used": 5, "quota": 400, "min": 0 }, { "type": "securityGroup", "used": 1, "quota": 100, "min": 0 }, { "type": "securityGroupRule",
Virtual Private CloudAPI Reference 7 Quota
Issue 01 (2017-12-31) 75
"used": 6, "quota": 5000, "min": 0 }, { "type": "publicIp", "used": 2, "quota": 10, "min": 0 }, { "type": "vpn", "used": 0, "quota": 5, "min": 0 }, { "type": "vpcPeer", "used": 0, "quota": 50, "min": 0 }, { "type": "loadbalancer", "used": 0, "quota": 10, "min": 0 }, { "type": "listener", "used": 0, "quota": 10, "min": 0 }, { "type":"physicalConnect", "used":0, "quota":10, "min":0 }, { "type":"virtualInterface", "used":0, "quota":50, "min":0 }, { "type": "firewall", "used": 0, "quota": 200, "min": 0 }, { "type": "shareBandwidthIP", "used": 0, "quota": 20, "min": 0 } ] }}
Returned Valuel Normal
200
l Abnormal
Virtual Private CloudAPI Reference 7 Quota
Issue 01 (2017-12-31) 76
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 7 Quota
Issue 01 (2017-12-31) 77
8 Private IP Address
8.1 Applying for a Private IP Address
Function
This interface is used to apply for a private IP address.
URIl POST /v1/{tenant_id}/privateips
l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
Requestl Parameter description
Name Mandatory Type Description
privateips Yes List datastructure
Specifies the private IP address listobjects.
Descriptions of privateips fields
Name Mandatory Type Description
subnet_id Yes String Specifies the ID of the subnet fromwhich the IP address is allocated.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 78
Name Mandatory Type Description
ip_address No String Specifies the target IP address.The value can be an available IPaddress in the subnet. If it is notspecified, the system automaticallyassigns an IP address.
l Example request
{ "privateips": [ { "subnet_id": "531dec0f-3116-411b-a21b-e612e42349fd" }, { "subnet_id": "531dec0f-3116-411b-a21b-e612e42349fd", "ip_address": "192.168.1.17" } ]}
Responsel Parameter description
Name Mandatory Type Description
privateips Yes List datastructure
Specifies the private IP address listobjects.
Descriptions of privateips fields
Name Mandatory Type Description
status Yes String Specifies the status of theprivate IP address.The value can be ACTIVE orDOWN.
id Yes String Specifies the ID of the privateIP address.
subnet_id Yes String Specifies the ID of the subnetfrom which the IP address isallocated.
tenant_id Yes String Specifies the tenant ID of theoperator.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 79
Name Mandatory Type Description
device_owner
Yes String Specifies the VM using theprivate IP address. Theparameter is left blank if it is notused.The value can benetwork:dhcp,network:router_interface_distributed, or compute:xxx (xxxspecifies the AZ name, forexample, compute:aa-bb-ccindicates that the private IPaddress is used by VM in theaa-bb-cc AZ).The value range specifies onlythe type of private IP addressessupported by the current service.
ip_address Yes String Specifies the private IP addressobtained.
l Example response{ "privateips": [ { "status": "DOWN", "id": "c60c2ce1-1e73-44bd-bf48-fd688448ff7b", "subnet_id": "531dec0f-3116-411b-a21b-e612e42349fd", "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "device_owner": "", "ip_address": "192.168.1.10" }, { "status": "DOWN", "id": "4b123c18-ae92-4dfa-92cd-d44002359aa1", "subnet_id": "531dec0f-3116-411b-a21b-e612e42349fd", "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "device_owner": "", "ip_address": "192.168.1.17" } ]}
Returned Valuel Normal
200
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 80
Returned Value Description
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
8.2 Querying Private IP Address Details
FunctionThis interface is used to query details about a private IP address using the specified ID.
URIl GET /v1/{tenant_id}/privateips/{privateip_id}l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 81
Name Mandatory Description
privateip _id Yes Specifies the ID of theprivate IP address, whichuniquely identifies theprivate IP address.
Requestl Parameter description
Nonel Example request
None
Responsel Parameter description
Name Mandatory Type Description
privateip Yes Dictionarydata structure
Specifies the private IP addressobjects.
Descriptions of privateip fields
Name Mandatory Type Description
status Yes String Specifies the status of the privateIP address.The value can be ACTIVE orDOWN.
id Yes String Specifies the ID of the private IPaddress.
subnet_id Yes String Specifies the ID of the subnet fromwhich the IP address is allocated.
tenant_id Yes String Specifies the tenant ID of theoperator.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 82
Name Mandatory Type Description
device_owner Yes String Specifies the VM using the privateIP address. The parameter is leftblank if it is not used.The value can be network:dhcp,network:router_interface_distributed, or compute:xxx (xxxspecifies the AZ name, forexample, compute:aa-bb-ccindicates that the private IP addressis used by VM in the aa-bb-ccAZ).The value range specifies only thetype of private IP addressessupported by the current service.
ip_address Yes String Specifies the private IP addressobtained.
l Example response{ "privateip": { "status": "DOWN", "id": "d600542a-b231-45ed-af05-e9930cb14f78", "subnet_id": "531dec0f-3116-411b-a21b-e612e42349fd", "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "device_owner": "", "ip_address": "192.168.1.11" }}
Returned Valuel Normal
200
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 83
Returned Value Description
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
8.3 Querying Private IP Addresses
Function
This interface is used to query private IP addresses using search criteria and to display theprivate IP addresses in a list.
URIl GET /v1/{tenant_id}/subnets/{subnet_id}/privateips
l Example:/v1/{tenant_id}/subnets/{subnet_id}/privateips?limit=10&marker=4779ab1c-7c1a-44b1-a02e-93dfc361b32d
l Parameter description
Name Mandatory
Type Description
tenant_id Yes String Specifies the tenant ID of the operator.
subnet_id Yes String Specifies the unique ID of the subnet towhich the private IP address belongs.
marker No String Specifies the resource ID of paginationquery. If the parameter is left blank,only resources on the first page arequeried.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 84
Name Mandatory
Type Description
limit No int Specifies the number of recordsreturned on each page.The value ranges from 0 to intmax.
Requestl Parameter description
Nonel Example request
None
Responsel Parameter description
Name Mandatory Type Description
privateips Yes List datastructure
Specifies the private IP address listobjects.
Descriptions of privateips fields
Name Mandatory Type Description
status Yes String Specifies the status of the private IPaddress.The value can be ACTIVE orDOWN.
id Yes String Specifies the ID of the private IPaddress.
subnet_id Yes String Specifies the ID of the subnet fromwhich the IP address is allocated.
tenant_id Yes String Specifies the tenant ID of theoperator.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 85
Name Mandatory Type Description
device_owner
Yes String Specifies the VM using the private IPaddress. The parameter is left blank ifit is not used.The value can be network:dhcp,network:router_interface_distributed, or compute:xxx (xxx specifiesthe AZ name, for example,compute:aa-bb-cc indicates that theprivate IP address is used by VM inthe aa-bb-cc AZ).The value range specifies only thetype of private IP addresses supportedby the current service.
ip_address Yes String Specifies the private IP addressobtained.
l Example response{ "privateips": [ { "status": "DOWN", "id": "d600542a-b231-45ed-af05-e9930cb14f78", "subnet_id": "531dec0f-3116-411b-a21b-e612e42349fd", "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "device_owner": "", "ip_address": "192.168.1.11" },{ "status": "DOWN", "id": "d600542a-b231-45ed-af05-e9930cb14f79", "subnet_id": "531dec0f-3116-411b-a21b-e612e42349fd", "tenant_id": "8b7e35ad379141fc9df3e178bd64f55c", "device_owner": "", "ip_address": "192.168.1.12" } ]}
Returned Valuel Normal
200
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 86
Returned Value Description
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
8.4 Deleting a Private IP Address
Function
This interface is used to delete a private IP address.
URIl DELETE /v1/{tenant_id}/privateips/{privateip_id}
l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
privateip _id Yes Specifies the ID of theprivate IP address, whichuniquely identifies theprivate IP address.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 87
Requestl Parameter description
Nonel Example request
None
Responsel Example response
None
Returned Valuel Normal
204l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 8 Private IP Address
Issue 01 (2017-12-31) 88
9 Security Group
9.1 Creating a Security Group
FunctionThis interface is used to create a security group.
URIl POST /v1/{tenant_id}/security-groupsl Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
Requestl Parameter description
Name Mandatory Type Description
security_group Yes Dictionary datastructure
Specifies the security group objects.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 89
Table 9-1 Description of security_group fields
Name Mandatory Type Description
name Yes String Specifies the security group name.The value is a string of 1 to 64 characters thatcan contain letters, digits, underscores (_), andhyphens (-).
description No String Provides supplementary information about thesecurity group.The value is a string of 0 to 128 characters,which consists of letters and digits.
vpc_id No String Specifies the resource ID of the VPC to whichthe security group belongs.
l Example request{ "security_group": { "name":"qq", "description": "qq", "vpc_id" : "3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85" } }
Responsel Parameter description
Name Mandatory Type Description
security_group Yes Dictionarydatastructure
Specifies the security group objects.
Descriptions of security_group fields
Name Mandatory Type Description
name Yes String Specifies the security groupname.
description Yes String Provides supplementaryinformation about the securitygroup.
id Yes String Specifies the security group ID,which uniquely identifies thesecurity group.
vpc_id No String Specifies the resource ID of theVPC to which the securitygroup belongs.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 90
Name Mandatory Type Description
security_group_rules Yes List datastructure
Specifies the default securitygroup rule, which ensures thathosts in the security group cancommunicate with one another.
security_group_rules object
Name Mandatory Type Description
id Yes String Specifies the security group ruleID.
security_group_id Yes String Specifies the security group ID.
direction Yes String Specifies the direction of accesscontrol.The value can be egress oringress.
ethertype Yes String Specifies the version of theInternet Protocol.The value can be IPv4 or IPv6.
protocol No String Specifies the protocol type.If the parameter is left blank, thesecurity group supports all typesof protocols.The value can be icmp, tcp, orudp.
port_range_min No Integer Specifies the start port.The value ranges from 1 to65,535.The value must be less than orequal to the value ofport_range_max. An emptyvalue indicates all ports. Ifprotocol is icmp, the valuerange is determined by theICMP-port range relationshiptable provided in Appendix A.2.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 91
Name Mandatory Type Description
port_range_max No Integer Specifies the end port.The value ranges from 1 to65,535.The value must be greater thanor equal to the value ofport_range_min. An emptyvalue indicates all ports. Ifprotocol is icmp, the valuerange is determined by theICMP-port range relationshiptable provided in Appendix A.2.
remote_ip_prefix No String Specifies the remote IP address.If the access control direction isset to egress, the parameterspecifies the source IP address.If the access control direction isset to ingress, the parameterspecifies the destination IPaddress.The parameter is exclusive withparameter remote_group_id.The value can be in the CIDRformat or IP addresses.
remote_group_id No String Specifies the ID of the peersecurity group.The value is exclusive withparameter remote_ip_prefix.
l Example response{ "security_group": { "id": "16b6e77a-08fa-42c7-aa8b-106c048884e6", "name": "qq", "description": "qq", "vpc_id": "3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85", "security_group_rules": [ { "direction": "egress", "ethertype": "IPv4", "id": "369e6499-b2cb-4126-972a-97e589692c62", "security_group_id": "16b6e77a-08fa-42c7-aa8b-106c048884e6" }, { "direction": "ingress", "ethertype": "IPv4", "id": "0222556c-6556-40ad-8aac-9fd5d3c06171", "remote_group_id": "16b6e77a-08fa-42c7-aa8b-106c048884e6", "security_group_id": "16b6e77a-08fa-42c7-aa8b-106c048884e6" } ] } }
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 92
Returned Value Description
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because theserver has received an invalid response.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
9.2 Querying Security Group Details
Function
This interface is used to query details about a security group.
URIl GET /v1/{tenant_id}/security-groups/{security_group_id}
l Parameter description
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 93
Name Mandatory Description
security_group_id Yes Specifies the securitygroup ID, which uniquelyidentifies the securitygroup.
Requestl Parameter description
Nonel Example request
None
Responsel Parameter description
Name Mandatory Type Description
security_group Yes Dictionarydatastructure
Specifies the security group objects.
Table 9-2 Description of security_group fields
Name Mandatory Type Description
name Yes String Specifies the security groupname.
description Yes String Provides supplementaryinformation about the securitygroup.
id Yes String Specifies the security group ID,which uniquely identifies thesecurity group.
vpc_id No String Specifies the resource ID of theVPC to which the security groupbelongs.
security_group_rules Yes List datastructure
Specifies the default securitygroup rule, which ensures thathosts in the security group cancommunicate with one another.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 94
Table 9-3 security_group_rules object
Name Mandatory Type Description
id Yes String Specifies the security group ruleID.
security_group_id Yes String Specifies the security group ID.
direction Yes String Specifies the direction of accesscontrol.The value can be egress oringress.
ethertype Yes String Specifies the version of theInternet Protocol.The value can be IPv4 or IPv6.
protocol No String Specifies the protocol type.If the parameter is left blank, thesecurity group supports all typesof protocols.The value can be icmp, tcp, orudp.
port_range_min No Integer Specifies the start port.The value ranges from 1 to65,535.The value must be less than orequal to the value ofport_range_max. An empty valueindicates all ports. If protocol isicmp, the value range isdetermined by the ICMP-portrange relationship table providedin Appendix A.2.
port_range_max No Integer Specifies the end port.The value ranges from 1 to65,535.The value must be greater than orequal to the value ofport_range_min. An empty valueindicates all ports. If protocol isicmp, the value range isdetermined by the ICMP-portrange relationship table providedin Appendix A.2.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 95
Name Mandatory Type Description
remote_ip_prefix No String Specifies the remote IP address. Ifthe access control direction is setto egress, the parameter specifiesthe source IP address. If the accesscontrol direction is set to ingress,the parameter specifies thedestination IP address.The parameter is exclusive withparameter remote_group_id.The value can be in the CIDRformat or IP addresses.
remote_group_id No String Specifies the ID of the peersecurity group.The value is exclusive withparameter remote_ip_prefix.
l Example response{ "security_group": { "id": "16b6e77a-08fa-42c7-aa8b-106c048884e6", "name": "qq", "description": "qq", "vpc_id": "3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85", "security_group_rules": [ { "direction": "egress", "ethertype": "IPv4", "id": "369e6499-b2cb-4126-972a-97e589692c62", "security_group_id": "16b6e77a-08fa-42c7-aa8b-106c048884e6" }, { "direction": "ingress", "ethertype": "IPv4", "id": "0222556c-6556-40ad-8aac-9fd5d3c06171", "remote_group_id": "16b6e77a-08fa-42c7-aa8b-106c048884e6", "security_group_id": "16b6e77a-08fa-42c7-aa8b-106c048884e6" } ] } }
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 96
Returned Value Description
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because theserver has received an invalid response.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
9.3 Querying Security Groups
FunctionThis interface is used to query security groups using search criteria and to display the securitygroups in a list.
URIl GET /v1/{tenant_id}/security-groupsl Example:
/v1/{tenant_id}/security-groups?limit=10&marker=4779ab1c-7c1a-44b1-a02e-93dfc361b32d&vpc_id=3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85
l Parameter description
Name Mandatory Type Description
tenant_id Yes String Specifies the tenant IDof the operator.
marker No String Specifies the resourceID of pagination query.If the parameter is leftblank, only resources onthe first page arequeried.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 97
Name Mandatory Type Description
limit No int Specifies the number ofrecords returned on eachpage.The value ranges from 0to intmax.
vpc_id No String Specifies the VPC IDused as the query filter.
Requestl Parameter description
Nonel Example request
None
Responsel Parameter description
Name Mandatory Type Description
security_groups
Yes List datastructure
Specifies the security group listobjects.
Table 9-4 Descriptions of security_groups fields
Name Mandatory Type Description
name Yes String Specifies the securitygroup name.
description Yes String Provides supplementaryinformation about thesecurity group.
id Yes String Specifies the securitygroup ID, which uniquelyidentifies the securitygroup.
vpc_id No String Specifies the resource IDof the VPC to which thesecurity group belongs.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 98
Name Mandatory Type Description
security_group_rules Yes List datastructure
Specifies the defaultsecurity group rule, whichensures that hosts in thesecurity group cancommunicate with oneanother.
Table 9-5 security_group_rules object
Name Mandatory Type Description
id Yes String Specifies the securitygroup rule ID.
security_group_id Yes String Specifies the securitygroup ID.
direction Yes String Specifies the direction ofaccess control.The value can be egressor ingress.
ethertype Yes String Specifies the version ofthe Internet Protocol.The value can be IPv4 orIPv6.
protocol No String Specifies the protocoltype.If the parameter is leftblank, the security groupsupports all types ofprotocols.The value can be icmp,tcp, or udp.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 99
Name Mandatory Type Description
port_range_min No Integer Specifies the start port.The value ranges from 1to 65,535.The value must be lessthan or equal to the valueof port_range_max. Anempty value indicates allports. If protocol is icmp,the value range isdetermined by the ICMP-port range relationshiptable provided inAppendix A.2.
port_range_max No Integer Specifies the end port.The value ranges from 1to 65,535.The value must be greaterthan or equal to the valueof port_range_min. Anempty value indicates allports. If protocol is icmp,the value range isdetermined by the ICMP-port range relationshiptable provided inAppendix A.2.
remote_ip_prefix No String Specifies the remote IPaddress. If the accesscontrol direction is set toegress, the parameterspecifies the source IPaddress. If the accesscontrol direction is set toingress, the parameterspecifies the destinationIP address.The parameter isexclusive with parameterremote_group_id.The value can be in theCIDR format or IPaddresses.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 100
Name Mandatory Type Description
remote_group_id No String Specifies the ID of thepeer security group.The value is exclusivewith parameterremote_ip_prefix.
l Example response{"security_groups": [{"id": "16b6e77a-08fa-42c7-aa8b-106c048884e6","name": "qq","description": "qq", "vpc_id": "3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85","security_group_rules": [ ]},{"id": "9c0f56be-a9ac-438c-8c57-fce62de19419","name": "default","description": "default", "vpc_id": "13551d6b-755d-4757-b956-536f674975c0","security_group_rules": []}]}{ "security_groups": [ { "id": "16b6e77a-08fa-42c7-aa8b-106c048884e6", "name": "qq", "description": "qq", "vpc_id": "3ec3b33f-ac1c-4630-ad1c-7dba1ed79d85", "security_group_rules": [ { "direction": "egress", "ethertype": "IPv4", "id": "369e6499-b2cb-4126-972a-97e589692c62", "security_group_id": "16b6e77a-08fa-42c7-aa8b-106c048884e6" }, { "direction": "ingress", "ethertype": "IPv4", "id": "0222556c-6556-40ad-8aac-9fd5d3c06171", "remote_group_id": "16b6e77a-08fa-42c7-aa8b-106c048884e6", "security_group_id": "16b6e77a-08fa-42c7-aa8b-106c048884e6" } ] }, { "id": "9c0f56be-a9ac-438c-8c57-fce62de19419", "name": "default", "description": "qq", "vpc_id": "13551d6b-755d-4757-b956-536f674975c0", "security_group_rules": [ { "direction": "egress", "ethertype": "IPv4", "id": "95479e0a-e312-4844-b53d-a5e4541b783f", "security_group_id": "9c0f56be-a9ac-438c-8c57-fce62de19419" }, { "direction": "ingress", "ethertype": "IPv4", "id": "0c4a2336-b036-4fa2-bc3c-1a291ed4c431", "remote_group_id": "9c0f56be-a9ac-438c-8c57-fce62de19419", "security_group_id": "9c0f56be-a9ac-438c-8c57-fce62de19419" } ] } ] }
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 101
Returned Value Description
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because theserver has received an invalid response.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
9.4 Deleting a Security Group
FunctionThis interface is used to delete a security group.
URIl DELETE /v1/{tenant_id}/security-groups/{security_group_id}l Parameter description
Name Mandatory Description
security_group_id Yes Specifies the security group ID,which uniquely identifies thesecurity group.
tenant_id No Specifies the tenant ID of theoperator.
Requestl Parameter description
Nonel Example Request
None
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 102
Responsel Example Response
None
Returned Valuel Normal
204l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 103
9.5 Creating a Security Group Rule
Function
This interface is used to create a security group rule.
URIl POST /v1/{tenant_id}/security-group-rules
l Parameter description
None
Requestl Parameter description
Name Mandatory
Type Description
security_group_rule Yes Dictionarydata structure
Specifies the security grouprule.
Descriptions of security_group_rule fields
Name Mandatory
Type Description
security_group_id Yes String Specifies the security group ID.
direction Yes String Specifies the direction of accesscontrol.The value can be egress oringress.
ethertype No String Specifies the version of theInternet Protocol.The value can be IPv4 or IPv6.If you do not set this parameter,IPv4 is used by default.
protocol No String Specifies the protocol type.If the parameter is left blank, thesecurity group supports all typesof protocols.The value can be icmp, tcp, orudp.Specifies the protocol.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 104
Name Mandatory
Type Description
port_range_min No Integer Specifies the start port.The value ranges from 1 to65,535.The value cannot be greater thanthe port_range_max value. Anempty value indicates all ports. Ifthe protocol is icmp, the valuerange is shown in A.2 ICMP-Port Range Relationship Table.
port_range_max No Integer Specifies the end port.The value ranges from 1 to65,535.If the protocol is not icmp, thevalue cannot be smaller than theport_range_min value. Anempty value indicates all ports. Ifthe protocol is icmp, the valuerange is shown in A.2 ICMP-Port Range Relationship Table.
remote_ip_prefix No String Specifies the remote IP address.If the access control direction isset to egress, the parameterspecifies the source IP address. Ifthe access control direction is setto ingress, the parameterspecifies the destination IPaddress.The parameter is exclusive withparameter remote_group_id.The value can be in the CIDRformat or IP addresses.
remote_group_id No String Specifies the ID of the peersecurity group.The value is exclusive withparameter remote_ip_prefix.
l Example Request{"security_group_rule": {"direction": "ingress","port_range_min": "80","ethertype": "IPv4","port_range_max": "80","protocol": "tcp","remote_group_id": "85cc3048-abc3-43cc-89b3-377341426ac5","security_group_id": "a7734e61-b545-452d-a3cd-0189cbd9747a"
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 105
}}
Responsel Parameter description
Name Mandatory
Type Description
security_group_rule
Yes Dictionarydata structure
Specifies the security group rule.
security_group_rule objects
Name Mandatory Type Description
id Yes String Specifies the security group ruleID.
security_group_id Yes String Specifies the security group ID.
direction Yes String Specifies the direction of accesscontrol.The value can be egress oringress.
ethertype Yes String Specifies the version of theInternet Protocol.The value can be IPv4 or IPv6.
protocol No String Specifies the protocol type.If the parameter is left blank, thesecurity group supports all typesof protocols.The value can be icmp, tcp, orudp.
port_range_min No Integer Specifies the start port.The value ranges from 1 to65,535.The value must be less than orequal to the value ofport_range_max. An emptyvalue indicates all ports. Ifprotocol is icmp, the valuerange is determined by theICMP-port range relationshiptable provided in Appendix A.2.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 106
Name Mandatory Type Description
port_range_max No Integer Specifies the end port.The value ranges from 1 to65,535.The value must be greater thanor equal to the value ofport_range_min. An emptyvalue indicates all ports. Ifprotocol is icmp, the valuerange is determined by theICMP-port range relationshiptable provided in Appendix A.2.
remote_ip_prefix No String Specifies the remote IP address.If the access control direction isset to egress, the parameterspecifies the source IP address.If the access control direction isset to ingress, the parameterspecifies the destination IPaddress.The parameter is exclusive withparameter remote_group_id.The value can be in the CIDRformat or IP addresses.
remote_group_id No String Specifies the ID of the peersecurity group.The value is exclusive withparameter remote_ip_prefix.
l Example Response{"security_group_rule": {"direction": "ingress","ethertype": "IPv4","id": "2bc0accf-312e-429a-956e-e4407625eb62","port_range_max": 80,"port_range_min": 80,"protocol": "tcp","remote_group_id": "85cc3048-abc3-43cc-89b3-377341426ac5","remote_ip_prefix": null,"security_group_id": "a7734e61-b545-452d-a3cd-0189cbd9747a","tenant_id": "e4f50856753b4dc6afee5fa6b9b6c550"}}
Returned Valuel Normal
201
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 107
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
9.6 Querying Security Group Rule Details
FunctionThis interface is used to query details about a security group rule.
URIl GET /v1/{tenant_id}/security-group-rules/{rules_security_groups_id}l Parameter description
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 108
Name Mandatory Description
tenant_id Yes Specifies the tenant ID ofthe operator.
rules_security_groups_id Yes Specifies the securitygroup rule ID, whichuniquely identifies thesecurity group rule.
Requestl Parameter description
Nonel Example Request
None
Responsel Parameter description
Name Mandatory
Type Description
security_group_rule Yes Dictionarydata structure
Specifies the security group rule.
security_group_rule objects
Name Mandatory Type Description
id Yes String Specifies the security group ruleID.
security_group_id Yes String Specifies the security group ID.
direction Yes String Specifies the direction of accesscontrol.The value can be egress oringress.
ethertype Yes String Specifies the version of theInternet Protocol.The value can be IPv4 or IPv6.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 109
Name Mandatory Type Description
protocol No String Specifies the protocol type.If the parameter is left blank, thesecurity group supports all typesof protocols.The value can be icmp, tcp, orudp.
port_range_min No Integer Specifies the start port.The value ranges from 1 to65,535.The value cannot be greater thanthe port_range_max value. Anempty value indicates all ports.If the protocol is icmp, the valuerange is shown in A.2 ICMP-Port Range RelationshipTable.
port_range_max No Integer Specifies the end port.The value ranges from 1 to65,535.If the protocol is not icmp, thevalue cannot be smaller than theport_range_min value. Anempty value indicates all ports.If the protocol is icmp, the valuerange is shown in A.2 ICMP-Port Range RelationshipTable.
remote_ip_prefix No String Specifies the remote IP address.If the access control direction isset to egress, the parameterspecifies the source IP address.If the access control direction isset to ingress, the parameterspecifies the destination IPaddress.The parameter is exclusive withparameter remote_group_id.The value can be in the CIDRformat or IP addresses.
remote_group_id No String Specifies the ID of the peersecurity group.The value is exclusive withparameter remote_ip_prefix.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 110
l Example Response{"security_group_rule": {"direction": "ingress","ethertype": "IPv4","id": "2bc0accf-312e-429a-956e-e4407625eb62","port_range_max": 80,"port_range_min": 80,"protocol": "tcp","remote_group_id": "85cc3048-abc3-43cc-89b3-377341426ac5","remote_ip_prefix": null,"security_group_id": "a7734e61-b545-452d-a3cd-0189cbd9747a","tenant_id": "e4f50856753b4dc6afee5fa6b9b6c550"}}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 111
Returned Value Description
504 Gateway Timeout A gateway timeout error occurred.
9.7 Querying Security Group Rules
Function
This interface is used to query security group rules using search criteria and to display thesecurity group rules in a list.
URIl GET /v1/{tenant_id}/security-group-rules
l Example:/v1/{tenant_id}/security-groups?security_group_id=a7734e61-b545-452da3cd-0189cbd9747a&limit=10&marker=4779ab1c-7c1a-44b1-a02e-93dfc361b32d
l Parameter description
Name Mandatory Type Description
tenant_id Yes String Specifies the tenant IDof the operator.
marker No String Specifies the resourceID of pagination query.If the parameter is leftblank, only resources onthe first page arequeried.
limit No int Specifies the number ofrecords returned on eachpage.The value ranges from 0to intmax.
security_group_id
No String Specifies the securitygroup ID.
Requestl Parameter description
None
l Example Request
None
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 112
Responsel Parameter description
Name Mandatory
Type Description
security_group_rules
Yes List datastructure
Specifies the security grouprules.
security_group_rule objects
Name Mandatory Type Description
id Yes String Specifies the security group ruleID.
security_group_id Yes String Specifies the security group ID.
direction Yes String Specifies the direction of accesscontrol.The value can be egress oringress.
ethertype Yes String Specifies the version of theInternet Protocol.The value can be IPv4 or IPv6.
protocol No String Specifies the protocol type.If the parameter is left blank, thesecurity group supports all typesof protocols.The value can be icmp, tcp, orudp.
port_range_min No Integer Specifies the start port.The value ranges from 1 to65,535.The value cannot be greater thanthe port_range_max value. Anempty value indicates all ports.If the protocol is icmp, the valuerange is shown in A.2 ICMP-Port Range RelationshipTable.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 113
Name Mandatory Type Description
port_range_max No Integer Specifies the end port.The value ranges from 1 to65,535.If the protocol is not icmp, thevalue cannot be smaller than theport_range_min value. Anempty value indicates all ports.If the protocol is icmp, the valuerange is shown in A.2 ICMP-Port Range RelationshipTable.
remote_ip_prefix No String Specifies the remote IP address.If the access control direction isset to egress, the parameterspecifies the source IP address.If the access control direction isset to ingress, the parameterspecifies the destination IPaddress.The parameter is exclusive withparameter remote_group_id.The value can be in the CIDRformat or IP addresses.
remote_group_id No String Specifies the ID of the peersecurity group.The value is exclusive withparameter remote_ip_prefix.
l Example Response{"security_group_rules": [{"direction": "egress","ethertype": "IPv6","id": "3c0e45ff-adaf-4124-b083-bf390e5482ff","port_range_max": null,"port_range_min": null,"protocol": null,"remote_group_id": null,"remote_ip_prefix": null,"security_group_id": "85cc3048-abc3-43cc-89b3-377341426ac5","tenant_id": "e4f50856753b4dc6afee5fa6b9b6c550"},{"direction": "egress","ethertype": "IPv4","id": "93aa42e5-80db-4581-9391-3a608bd0e448","port_range_max": null,"port_range_min": null,"protocol": null,"remote_group_id": null,"remote_ip_prefix": null,
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 114
"security_group_id": "85cc3048-abc3-43cc-89b3-377341426ac5","tenant_id": "e4f50856753b4dc6afee5fa6b9b6c550"},{"direction": "ingress","ethertype": "IPv6","id": "c0b09f00-1d49-4e64-a0a7-8a186d928138","port_range_max": null,"port_range_min": null,"protocol": null,"remote_group_id": "85cc3048-abc3-43cc-89b3-377341426ac5","remote_ip_prefix": null,"security_group_id": "85cc3048-abc3-43cc-89b3-377341426ac5","tenant_id": "e4f50856753b4dc6afee5fa6b9b6c550"},{"direction": "ingress","ethertype": "IPv4","id": "f7d45c89-008e-4bab-88ad-d6811724c51c","port_range_max": null,"port_range_min": null,"protocol": null,"remote_group_id": "85cc3048-abc3-43cc-89b3-377341426ac5","remote_ip_prefix": null,"security_group_id": "85cc3048-abc3-43cc-89b3-377341426ac5","tenant_id": "e4f50856753b4dc6afee5fa6b9b6c550"}]}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 115
Returned Value Description
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
9.8 Deleting a Security Group Rule
Function
This interface is used to delete a security group rule.
URIl DELETE /v1/{tenant_id}/security-group-rules/{rules_security_groups_id}
l Parameter description
Name Mandatory Description
rules_security_groups_id Yes Specifies the security group ruleID, which uniquely identifies thesecurity group rule.
tenant_id No Specifies the tenant ID of theoperator.
Requestl Parameter description
None
l Example Request
None
Responsel Example Response
None
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 116
Returned Valuel Normal
204l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 9 Security Group
Issue 01 (2017-12-31) 117
10 Port
10.1 Creating a Port
Function
This interface is used to create a port.
URLl POST /v1/ports
Requestl Parameter description
Name Mandatory Type Description
port Yes Dictionarydata structure
Specifies the port object.
Descriptions of port fields
Name Mandatory
Type Description
name No String Specifies the port name.The value can contain no morethan 255 characters. Thisparameter is left blank bydefault.
network_id Yes String Specifies the ID of the networkto which the port belongs.The network ID must be a realone in the network environment.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 118
Name Mandatory
Type Description
admin_state_up No Bool Specifies the administrativestate of the port.The value can only be true, andthe default value is true.
fixed_ips No Dict Specifies the port IP address.A port supports only one fixedIP address that cannot bechanged.
tenant_id No String Specifies the ID of the tenant.Only the administrator canspecify the tenant ID of othertenants.
security_groups No List Specifies the UUID of thesecurity group, for example,"security_groups":["a0608cbf-d047-4f54-8b28-cd7b59853fff"]. This attributeis extended.
allowed_address_pairs No Dict 1. Specifies a set of zero ormore allowed address pairs.An address pair consists ofan IP address and MACaddress. This attribute isextended. For details, seeparameterallow_address_pair.
2. The IP address cannot be0.0.0.0.
3. Configure an independentsecurity group for the port ifa large CIDR block (subnetmask less than 24) isconfigured for parameterallowed_address_pairs.
extra_dhcp_opts No List Specifies a set of zero or moreextra DHCP option pairs. Anoption pair consists of an optionvalue and name. This attribute isextended.
Parameter fixed_ip
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 119
Name Mandatory Type Description
subnet_id No String Specifies the subnet ID.You cannot change the parametervalue.
ip_address No String Specifies the port IP address.You cannot change the parametervalue.
Parameter allow_address_pair
Name Mandatory Type Description
ip_address No String 1. Specifies the IP address.2. You cannot set it to 0.0.0.0.3. Configure an independent security
group for the port if a large CIDRblock (subnet mask less than 24) isconfigured for parameterallowed_address_pairs.
mac_address No String Specifies the MAC address.
Parameter extra_dhcp_opt
Name Mandatory Type Description
opt_name No String Specifies the option name.
opt_value No String Specifies the option value.
l Example request
{"port": {"admin_state_up": true,"fixed_ips": [{"ip_address": "10.128.1.10","subnet_id": "70f2e74b-e660-410a-b754-0ca46744348a"}],"name": "test","network_id": "5b808927-13c9-4e60-a4f4-ed6ffe225167","tenant_id": "43f2d1cca56a40729dcb17212482f34d"}}
{"port": {"admin_state_up": true,"fixed_ips": [{"ip_address": "10.128.1.10",
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 120
"subnet_id": "70f2e74b-e660-410a-b754-0ca46744348a"}],"name": "test","network_id": "5b808927-13c9-4e60-a4f4-ed6ffe225167","tenant_id": "43f2d1cca56a40729dcb17212482f34d"}}
Responsel Parameter description
Name Mandatory Type Description
port Yes Dictionary datastructure
Specifies the port object.
Descriptions of port fields
Name Mandatory Type Description
id Yes String Specifies the port ID, whichuniquely identifies the port.
name No String Specifies the port name.The value can contain no morethan 255 characters. Thisparameter is left blank bydefault.
network_id Yes String Specifies the ID of the networkto which the port belongs.The network ID must be a realone in the networkenvironment.
admin_state_up Yes Bool Specifies the administrativestate of the port.The value can only be true,and the default value is true.
mac_address Yes String Specifies the port MACaddress.The system automatically setsthis parameter, and you are notallowed to configure theparameter value.
fixed_ips No List Specifies the port IP address.A port supports only one fixedIP address that cannot bechanged.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 121
Name Mandatory Type Description
device_id No String Specifies the ID of the deviceto which the port belongs.The system automatically setsthis parameter, and you are notallowed to configure or changethe parameter value.
device_owner No String Specifies the belonged device,which can be the DHCP server,router, load balancers, or Nova.The system automatically setsthis parameter, and you are notallowed to configure or changethe parameter value.
tenant_id Yes String Specifies the ID of the tenant.Only the administrator canspecify the tenant ID of othertenants.
status Yes String Specifies the status of the port.The value can be ACTIVE,BUILD, or DOWN.
security_groups Yes List Specifies the UUID of thesecurity group. This attribute isextended.
allowed_address_pairs No List 1. Specifies a set of zero ormore allowed address pairs.An address pair consists ofan IP address and MACaddress. This attribute isextended. For details, seeparameterallow_address_pair.
2. The IP address cannot be0.0.0.0.
3. Configure an independentsecurity group for the portif a large CIDR block(subnet mask less than 24)is configured for parameterallowed_address_pairs.
extra_dhcp_opts No List Specifies a set of zero or moreextra DHCP option pairs. Anoption pair consists of anoption value and name. Thisattribute is extended.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 122
Name Mandatory Type Description
binding:vif_type No String Specifies the interface type ofthe port. The value can be ovs,hw_veb, or others. Thisattribute is extended.This parameter is visible onlyto administrators.
binding:vif_details No Dict Specifies the VIF details.Parameter ovs_hybrid_plugspecifies whether the OVS/bridge hybrid mode is used.This parameter is visible onlyto administrators.
binding:host_id No String Specifies the host ID.This parameter is visible onlyto administrators.
binding:profile No Dict Allows the configuration ofcustomized data. This attributeis extended.This parameter is visible onlyto administrators.
binding:vnic_type Yes String Specifies the type of the boundvNIC.The value can be normal ordirect.Parameter normal indicatessoftware switching. Parameterdirect indicates SR-IOV PCIepassthrough, which is notsupported.
dns_assignment No List(Dict)
Specifies the default privatenetwork domain nameinformation of the active NIC.The system automatically setsthis parameter, and you are notallowed to configure or changethe parameter value.
dns_name No String Specifies the default privatenetwork DNS name of theactive NIC.The system automatically setsthis parameter, and you are notallowed to configure or changethe parameter value.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 123
Parameter fixed_ip
Name Mandatory Type Description
subnet_id No String Specifies the subnet ID.You cannot change the parametervalue.
ip_address No String Specifies the port IP address.
Parameter allow_address_pair
Name Mandatory Type Description
ip_address No String 1. Specifies the IP address.2. You cannot set it to 0.0.0.0.3. Configure an independent
security group for the port if alarge CIDR block (subnet maskless than 24) is configured forparameterallowed_address_pairs.
mac_address No String Specifies the MAC address.
Parameter extra_dhcp_opt
Name Mandatory Type Description
opt_name No String Specifies the option name.
opt_value No String Specifies the option value.
l Example response
{"port": {"id": "d00f9c13-412f-4855-8af3-de5d8c24cd60","name": "test","status": "DOWN","admin_state_up": "true","fixed_ips": [{"subnet_id": "70f2e74b-e660-410a-b754-0ca46744348a","ip_address": "10.128.1.10"}],"dns_name": "","mac_address": "fa:16:3e:d7:f2:6c","network_id": "5b808927-13c9-4e60-a4f4-ed6ffe225167","tenant_id": "43f2d1cca56a40729dcb17212482f34d","device_id": "","device_owner": "",
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 124
"security_groups": ["02b4e8ee-74fa-4a31-802e-5490df11245e"],"extra_dhcp_opts": [],"allowed_address_pairs": [],"binding:vnic_type": "normal"}}
Returned Valuel Normal
201l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 125
10.2 Querying a Port
Function
This interface is used to query a single port.
URLl GET /v1/ports/{port_id}
l Parameter description
Name Mandatory Description
port_id Yes Specifies the port ID,which uniquely identifiesthe port.
Requestl Parameter description
None
l Example request
None
Responsel Parameter description
Name Mandatory
Type Description
port Yes Dictionarydata structure
Specifies the port object.
Descriptions of port fields
Name Mandatory
Type Description
id Yes String Specifies the port ID, whichuniquely identifies the port.
name No String Specifies the port name.The value can contain no morethan 255 characters. Thisparameter is left blank by default.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 126
Name Mandatory
Type Description
network_id Yes String Specifies the ID of the network towhich the port belongs.The network ID must be a realone in the network environment.
admin_state_up Yes Bool Specifies the administrative stateof the port.The value can only be true, andthe default value is true.
mac_address Yes String Specifies the port MAC address.The system automatically sets thisparameter, and you are notallowed to configure theparameter value.
fixed_ips No List Specifies the port IP address.A port supports only one fixed IPaddress that cannot be changed.
device_id No String Specifies the ID of the device towhich the port belongs.The system automatically sets thisparameter, and you are notallowed to configure or changethe parameter value.
device_owner No String Specifies the belonged device,which can be the DHCP server,router, load balancers, or Nova.The system automatically sets thisparameter, and you are notallowed to configure or changethe parameter value.
tenant_id Yes String Specifies the ID of the tenant.Only the administrator can specifythe tenant ID of other tenants.
status Yes String Specifies the status of the port.The value can be ACTIVE,BUILD, or DOWN.
security_groups Yes List Specifies the UUID of thesecurity group. This attribute isextended.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 127
Name Mandatory
Type Description
allowed_address_pairs No List Specifies a set of zero or moreallowed address pairs. An addresspair consists of an IP address andMAC address. This attribute isextended. For details, seeparameter allow_address_pair.The IP address cannot be 0.0.0.0.
extra_dhcp_opts No List Specifies a set of zero or moreextra DHCP option pairs. Anoption pair consists of an optionvalue and name. This attribute isextended.
binding:vif_type No String Specifies the interface type of theport. The value can be ovs,hw_veb, or others. This attributeis extended.This parameter is visible only toadministrators.
binding:vif_details No Dict Specifies the VIF details.Parameter ovs_hybrid_plugspecifies whether the OVS/bridgehybrid mode is used.This parameter is visible only toadministrators.
binding:host_id No String Specifies the host ID.This parameter is visible only toadministrators.
binding:profile No Dict Allows the configuration ofcustomized data. This attribute isextended.This parameter is visible only toadministrators.
binding:vnic_type Yes String Specifies the type of the boundvNIC.The value can be normal ordirect.Parameter normal indicatessoftware switching. Parameterdirect indicates SR-IOV PCIepassthrough, which is notsupported.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 128
Name Mandatory
Type Description
dns_assignment No List(Dict)
Specifies the default privatenetwork domain nameinformation of the active NIC.The system automatically sets thisparameter, and you are notallowed to configure or changethe parameter value.
dns_name No String Specifies the default privatenetwork DNS name of the activeNIC.The system automatically sets thisparameter, and you are notallowed to configure or changethe parameter value.
Parameter fixed_ip
Name Mandatory
Type Description
subnet_id No String Specifies the subnet ID.
ip_address No String Specifies the port IP address.
Parameter allow_address_pair
Name Mandatory
Type Description
ip_address No String Specifies the IP address.You cannot set it to 0.0.0.0.
mac_address No String Specifies the MAC address.
Parameter extra_dhcp_opt
Name Mandatory
Type Description
opt_name No String Specifies the option name.
opt_value No String Specifies the option value.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 129
l Example response{"port": {"id": "d00f9c13-412f-4855-8af3-de5d8c24cd60","name": "test","status": "DOWN","admin_state_up": "true","fixed_ips": [{"subnet_id": "70f2e74b-e660-410a-b754-0ca46744348a","ip_address": "10.128.1.10"}],"dns_name": "","mac_address": "fa:16:3e:d7:f2:6c","network_id": "5b808927-13c9-4e60-a4f4-ed6ffe225167","tenant_id": "43f2d1cca56a40729dcb17212482f34d","device_id": "","device_owner": "","security_groups": ["02b4e8ee-74fa-4a31-802e-5490df11245e"],"extra_dhcp_opts": [],"allowed_address_pairs": [],"binding:vnic_type": "normal"}}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 130
Returned Value Description
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
10.3 Querying Ports
FunctionThis interface is used to query ports and to display the ports in a list.
URLl GET /v1/portsl Example:
/v1/ports?id={port_id}&name={port_name}&admin_state_up={is_admin_status_up}&network_id={network_id}&mac_address={port_mac}&device_id={port_device_id}&device_owner={device_owner}&status={port_status}
l Parameter description
Name Mandatory Type Description
id No String Specifies that the port ID isused as the filter.
name No String Specifies that the port nameis used as the filter.The value can contain nomore than 255 characters.
admin_state_up No Bool Specifies that theadministrative state is usedas the filter.
network_id No String Specifies that the network IDis used as the filter.
mac_address No String Specifies that the MACaddress is used as the filter.
device_id No String Specifies that the device IDis used as the filter.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 131
Name Mandatory Type Description
device_owner No String Specifies that the deviceowner is used as the filter.
status No String Specifies the status of theport.The value can be ACTIVE,BUILD, and DOWN.
marker No String Specifies the resource ID ofpagination query. If theparameter is left blank, onlyresources on the first pageare queried.
limit No int Specifies the number ofrecords returned on eachpage.The value ranges from 0 tointmax.
Requestl Parameter description
Nonel Example request
None
Responsel Parameter description
Name Mandatory Type Description
ports Yes List datastructure
Specifies the port objects.
Descriptions of ports fields
Name Mandatory Type Description
id Yes String Specifies the port ID, whichuniquely identifies the port.
name No String Specifies the port name.The value can contain no morethan 255 characters. Thisparameter is left blank by default.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 132
Name Mandatory Type Description
network_id Yes String Specifies the ID of the network towhich the port belongs.The network ID must be a realone in the network environment.
admin_state_up Yes Bool Specifies the administrative stateof the port.The value can only be true, andthe default value is true.
mac_address Yes String Specifies the port MAC address.The system automatically sets thisparameter, and you are notallowed to configure theparameter value.
fixed_ips No List Specifies the port IP address.A port supports only one fixed IPaddress that cannot be changed.
device_id No String Specifies the ID of the device towhich the port belongs.The system automatically sets thisparameter, and you are notallowed to configure or changethe parameter value.
device_owner No String Specifies the belonged device,which can be the DHCP server,router, load balancers, or Nova.The system automatically sets thisparameter, and you are notallowed to configure or changethe parameter value.
tenant_id Yes String Specifies the ID of the tenant.Only the administrator can specifythe tenant ID of other tenants.
status Yes String Specifies the status of the port.The value can be ACTIVE,BUILD, or DOWN.
security_groups Yes List Specifies the UUID of thesecurity group. This attribute isextended.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 133
Name Mandatory Type Description
allowed_address_pairs
No List Specifies a set of zero or moreallowed address pairs. An addresspair consists of an IP address andMAC address. This attribute isextended. For details, seeparameter allow_address_pair.The IP address cannot be 0.0.0.0.
extra_dhcp_opts No List Specifies a set of zero or moreextra DHCP option pairs. Anoption pair consists of an optionvalue and name. This attribute isextended.
binding:vif_type No String Specifies the interface type of theport. The value can be ovs,hw_veb, or others. This attributeis extended.This parameter is visible only toadministrators.
binding:vif_details No Dict Specifies the VIF details.Parameter ovs_hybrid_plugspecifies whether the OVS/bridgehybrid mode is used.This parameter is visible only toadministrators.
binding:host_id No String Specifies the host ID.This parameter is visible only toadministrators.
binding:profile No Dict Allows the configuration ofcustomized data. This attribute isextended.This parameter is visible only toadministrators.
binding:vnic_type Yes String Specifies the type of the boundvNIC.The value can be normal ordirect.Parameter normal indicatessoftware switching. Parameterdirect indicates SR-IOV PCIepassthrough, which is notsupported.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 134
Name Mandatory Type Description
dns_assignment No List(Dict)
Specifies the default privatenetwork domain nameinformation of the active NIC.The system automatically sets thisparameter, and you are notallowed to configure or changethe parameter value.
dns_name No String Specifies the default privatenetwork DNS name of the activeNIC.The system automatically sets thisparameter, and you are notallowed to configure or changethe parameter value.
fixed_ip object
Name Mandatory
Type Description
subnet_id No String Specifies the subnet ID.
ip_address No String Specifies the port IP address.
allow_address_pair object
Name Mandatory Type Description
ip_address No String Specifies the IP address.You cannot set it to 0.0.0.0.
mac_address No String Specifies the MAC address.
extra_dhcp_opt object
Name Mandatory Type Description
opt_name No String Specifies the option name.
opt_value No String Specifies the option value.
l Example response
{"ports": [{"id": "d00f9c13-412f-4855-8af3-de5d8c24cd60",
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 135
"name": "test","status": "DOWN","admin_state_up": "true","fixed_ips": [{"subnet_id": "70f2e74b-e660-410a-b754-0ca46744348a","ip_address": "10.128.1.10"}],"dns_name": "","mac_address": "fa:16:3e:d7:f2:6c","network_id": "5b808927-13c9-4e60-a4f4-ed6ffe225167","tenant_id": "43f2d1cca56a40729dcb17212482f34d","device_id": "","device_owner": "","security_groups": ["02b4e8ee-74fa-4a31-802e-5490df11245e"],"extra_dhcp_opts": [],"allowed_address_pairs": [],"binding:vnic_type": "normal"},{"id": "28ba8f45-7636-45e4-8c0a-675d7663717c","name": "test1","status": "DOWN","admin_state_up": "true","fixed_ips": [{"subnet_id": "061d3ca2-bd1f-4bd1-a01d-7a5155328c0e","ip_address": "192.168.10.10"}],"dns_name": "","mac_address": "fa:16:3e:3d:91:cd","network_id": "be2fe79a-3ee2-4d87-bd71-5afa78a5670d","tenant_id": "43f2d1cca56a40729dcb17212482f34d","device_id": "","device_owner": "","security_groups": ["0bfc8687-ca18-4c37-ac84-d2198baba585"],"extra_dhcp_opts": [],"allowed_address_pairs": [],"binding:vnic_type": "normal"}]}
Returned Valuel Normal
200
l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 136
Returned Value Description
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
10.4 Updating a Port
Function
This interface is used to update a port.
URLl PUT /v1/ports/{port_id}
l Parameter description
Name Mandatory Description
port_id Yes Specifies the port ID,which uniquely identifiesthe port.
Requestl Parameter description
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 137
Name Mandatory Type Description
port Yes Dictionarydata structure
Specifies the port object.
Descriptions of port fields
Name Mandatory Type Description
name No String Specifies the port name.The value is a string of 1 to 64characters that can containdigits, letters, underscores (_),and hyphens (-).
security_groups No List Specifies the UUID of thesecurity group. This attribute isextended.
allowed_address_pairs No List 1. Specifies a set of zero ormore allowed address pairs.An address pair consists ofan IP address and MACaddress. This attribute isextended. For details, seeparameterallow_address_pair.
2. The IP address cannot be0.0.0.0.
3. Configure an independentsecurity group for the port ifa large CIDR block (subnetmask less than 24) isconfigured for parameterallowed_address_pairs.
extra_dhcp_opts No List Specifies a set of zero or moreextra DHCP option pairs. Anoption pair consists of an optionvalue and name. This attribute isextended.
Parameter extra_dhcp_opt
Name Mandatory Type Description
opt_name No String Specifies the option name.
opt_value No String Specifies the option value.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 138
l Example request{"port": {"name": "adc"}}
Responsel Parameter description
Name Mandatory Type Description
port Yes Dictionarydatastructure
Specifies the port object.
Descriptions of port fields
Name Mandatory Type Description
id Yes String Specifies the port ID, whichuniquely identifies the port.
name No String Specifies the port name.The value can contain no morethan 255 characters. Thisparameter is left blank bydefault.
network_id Yes String Specifies the ID of the networkto which the port belongs.The network ID must be a realone in the networkenvironment.
admin_state_up Yes Bool Specifies the administrativestate of the port.The value can only be true,and the default value is true.
mac_address Yes String Specifies the port MACaddress.The system automatically setsthis parameter, and you are notallowed to configure theparameter value.
fixed_ips No List Specifies the port IP address.A port supports only one fixedIP address that cannot bechanged.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 139
Name Mandatory Type Description
device_id No String Specifies the ID of the deviceto which the port belongs.The system automatically setsthis parameter, and you are notallowed to configure or changethe parameter value.
device_owner No String Specifies the belonged device,which can be the DHCP server,router, load balancers, or Nova.The system automatically setsthis parameter, and you are notallowed to configure or changethe parameter value.
tenant_id Yes String Specifies the ID of the tenant.Only the administrator canspecify the tenant ID of othertenants.
status Yes String Specifies the status of the port.The value can be ACTIVE,BUILD, or DOWN.
security_groups Yes List Specifies the UUID of thesecurity group. This attribute isextended.
allowed_address_pairs No List 1. Specifies a set of zero ormore allowed address pairs.An address pair consists ofan IP address and MACaddress. This attribute isextended. For details, seeparameterallow_address_pair.
2. The IP address cannot be0.0.0.0.
3. Configure an independentsecurity group for the port ifa large CIDR block (subnetmask less than 24) isconfigured for parameterallowed_address_pairs.
extra_dhcp_opts No List Specifies a set of zero or moreextra DHCP option pairs. Anoption pair consists of anoption value and name. Thisattribute is extended.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 140
Name Mandatory Type Description
binding:vif_type No String Specifies the interface type ofthe port. The value can be ovs,hw_veb, or others. Thisattribute is extended.This parameter is visible onlyto administrators.
binding:vif_details No Dict Specifies the VIF details.Parameter ovs_hybrid_plugspecifies whether the OVS/bridge hybrid mode is used.This parameter is visible onlyto administrators.
binding:host_id No String Specifies the host ID.This parameter is visible onlyto administrators.
binding:profile No Dict Allows the configuration ofcustomized data. This attributeis extended.This parameter is visible onlyto administrators.
binding:vnic_type Yes String Specifies the type of the boundvNIC.The value can be normal ordirect.Parameter normal indicatessoftware switching. Parameterdirect indicates SR-IOV PCIepassthrough, which is notsupported.
dns_assignment No List(Dict)
Specifies the default privatenetwork domain nameinformation of the active NIC.The system automatically setsthis parameter, and you are notallowed to configure or changethe parameter value.
dns_name No String Specifies the default privatenetwork DNS name of theactive NIC.The system automatically setsthis parameter, and you are notallowed to configure or changethe parameter value.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 141
Parameter fixed_ip
Name Mandatory Type Description
subnet_id No String Specifies the subnet ID.
ip_address No String Specifies the port IP address.
Parameter allow_address_pair
Name Mandatory Type Description
ip_address No String 1. Specifies the IP address.2. You cannot set it to 0.0.0.0.3. Configure an independent security
group for the port if a large CIDRblock (subnet mask less than 24) isconfigured for parameterallowed_address_pairs.
mac_address No String Specifies the MAC address.
Parameter extra_dhcp_opt
Name Mandatory
Type Description
opt_name No String Specifies the option name.
opt_value No String Specifies the option value.
l Example response
{"port": {"id": "7204e0da-40de-4207-a536-6f59b84f6f0e","name": "adc","status": "DOWN","admin_state_up": "true","fixed_ips": [{"subnet_id": "689156ca-038f-4478-b265-fd26aa8bbe31","ip_address": "192.168.0.9"}],
"mac_address": "fa:16:3e:d7:f2:6c","network_id": "b4152e98-e3af-4e49-bb7f-7766e2b5ec63","tenant_id": "caa6cf4337ea47fb823b15709ebe8591","device_id": "","device_owner": "","security_groups": ["59b39002-e79b-4bac-8e27-aa884ab1beb6"],
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 142
"extra_dhcp_opts": [],"allowed_address_pairs": [],"binding:vnic_type": "normal"}}
Returned Valuel Normal
200l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 143
10.5 Deleting a Port
Function
This interface is used to delete a port.
URLl DELETE /v1/ports/{port_id}l Parameter description
Name Mandatory Description
port_id Yes Specifies the port ID,which uniquely identifiesthe port.
Restrictions
You are not allowed to delete the port if device_owner is specified.
Requestl Parameter description
Nonel Example request
None
Responsel Example response
None
Returned Valuel Normal
204l Abnormal
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 144
Returned Value Description
405 Method Not Allowed You are not allowed to use the methodspecified in the request.
406 Not Acceptable The response generated by the server could notbe accepted by the client.
407 Proxy Authentication Required You must use the proxy server forauthentication so that the request can beprocessed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because theserver does not support the requested function.
502 Bad Gateway Failed to complete the request because therequest is invalid.
503 Service Unavailable Failed to complete the request because theservice is unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 10 Port
Issue 01 (2017-12-31) 145
11 VPC Peering Connection
11.1 Overview
Object IntroductionManage and perform other operations on VPC peering connections, including querying VPCpeering connections as well as creating, querying, deleting, and updating a VPC peeringconnection.
Object Model
Table 11-1 peering object
Attribute Type CRUD
DefaultValue
Constraint
Description
id Uuid-str R Automaticallygenerated
N/A Specifies the VPCpeering connection ID.
name String(64) CRU N/A N/A Specifies the VPCpeering connectionname.
status String(16) R N/A N/A Specifies the VPCpeering connectionstatus. The value can bePENDING_ACCEPTANCE, REJECTED,EXPIRED,DELETED, orACTIVE.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 146
Attribute Type CRUD
DefaultValue
Constraint
Description
request_vpc_info Dict CR N/A N/A Specifies informationabout the local VPC.For details, see Table11-2.
accept_vpc_info Dict CR N/A N/A Specifies informationabout the peer VPC.For details, see Table11-2.
Table 11-2 vpc_info object
Attribute Type CRUD
DefaultValue
Constraint
Description
vpc_id Uuid-str CR N/A AnexistingVPC ID
Specifies the ID of aVPC involved in a VPCpeering connection.
tenant_id String(255) CR TenantID oftheVPC
N/A Specifies the ID of thetenant to which a VPCinvolved in the VPCpeering connectionbelongs.
11.2 Querying VPC Peering Connections
Function
This interface is used to query VPC peering connections and to display the query result in alist.
API Format
Method URI Description
GET /v2.0/vpc/peerings?id={id}&name={name}&status={status}&tenant_id={tenant_id}&vpc_id={vpc_id}
Queries all VPC peeringconnections accessible tothe tenant submitting therequest.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 147
Restrictions
N/A
Extension Description
N/A
Request Parameter
N/A
Response Parameter
Parameter Type Mandatory Description
peerings List(peering) Yes Specifies the VPC peering connectionobject list. For details, see Table 11-1.
Example RequestGET /v2.0/vpc/peerings
Example Response{ "peerings": [ { "request_vpc_info": { "vpc_id": "9daeac7c-a98f-430f-8e38-67f9c044e299", "tenant_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e" }, "accept_vpc_info": { "vpc_id": "f583c072-0bb8-4e19-afb2-afb7c1693be5", "tenant_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e" }, "name": "test", "id": "b147a74b-39bb-4c7a-aed5-19cac4c2df13", "status": "ACTIVE" } ]}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 148
NormalResponseCode
Type Description
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
11.3 Querying a VPC Peering Connection
Function
This interface is used to query details about a VPC peering connection.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 149
API FormatMethod URI Description
GET /v2.0/vpc/peerings/{peering_id} Queries details about a VPCpeering connection.
RestrictionsN/A
Extension DescriptionN/A
Request ParameterN/A
Response ParameterParameter Type Mandatory Description
peering Dict Yes Specifies the VPC peeringconnection object list. For details, seeTable 11-1.
Example RequestGET /v2.0/vpc/peerings/22b76469-08e3-4937-8c1d-7aad34892be1
Example Response{ "peering": { "name": "test", "id": "22b76469-08e3-4937-8c1d-7aad34892be1" "request_vpc_info": { "vpc_id": "9daeac7c-a98f-430f-8e38-67f9c044e299", "tenant_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e" }, "accept_vpc_info": { "vpc_id": "f583c072-0bb8-4e19-afb2-afb7c1693be5", "tenant_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e" }, "status": "ACTIVE" }}
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 150
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 151
11.4 Creating a VPC Peering Connection
FunctionThis interface is used to create a VPC peering connection.
If you create a VPC peering connection with another VPC of your own, the connection iscreated without the need for you to accept the connection.
If you create a VPC peering connection with a VPC of another tenant, the peer tenant mustaccept the connection so that the connection can be created. If the peer tenant refuses theconnection, it cannot be created.
API FormatMethod URI Description
POST /v2.0/vpc/peerings Creates a VPC peeringconnection.
RestrictionsN/A
Extension DescriptionN/A
Request ParameterParameter
Type Mandatory
Description
peering Dict Yes Specifies the VPC peering connection object list. For details,see Table 11-1.Mandatory fields: name and vpc_id in request_vpc_infoand accept_vpc_info. If you create a VPC peeringconnection with a VPC of another tenant, you must specifythe tenant_id in accept_vpc_info and do not need to specifythe tenant_id in request_vpc_info.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 152
Response Parameter
Parameter
Type Mandatory
Description
peering Dict Yes Specifies the VPC peering connection information. Fordetails, see the peering object model.
Example RequestPOST /v2.0/vpc/peerings { "peering": { "name": "test", "request_vpc_info": { "vpc_id": "9daeac7c-a98f-430f-8e38-67f9c044e299" }, "accept_vpc_info": { "vpc_id": "f583c072-0bb8-4e19-afb2-afb7c1693be5" } } }
Example Response{ "peering": { "name": "test", "id": "22b76469-08e3-4937-8c1d-7aad34892be1" "request_vpc_info": { "vpc_id": "9daeac7c-a98f-430f-8e38-67f9c044e299", "tenant_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e" }, "accept_vpc_info": { "vpc_id": "f583c072-0bb8-4e19-afb2-afb7c1693be5", "tenant_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e" }, "status": "ACTIVE" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 153
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
11.5 Accepting a VPC Peering Connection
Function
After tenant A requests to create a VPC peering connection with a VPC of tenant B. Tenant Bmust accept the request to make the VPC peering connection take effect. This interface isused by a tenant to accept a VPC peering connection request initiated by another tenant.
API FormatMethod URI Description
PUT /v2.0/vpc/peerings/{peering_id}/accept
Accepts the VPC peeringconnection request initiatedby another tenant.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 154
Restrictions
N/A
Extension Description
N/A
Request Parameter
N/A
Response ParameterParameter Type Mandatory Description
peering Dict Yes Specifies the VPC peering connectioninformation. For details, see the peeringobject model.
Example RequestPUT /v2.0/vpc/peerings/22b76469-08e3-4937-8c1d-7aad34892be1/accept
Example Response{ "peering": { "name": "test", "id": "22b76469-08e3-4937-8c1d-7aad34892be1" "request_vpc_info": { "vpc_id": "9daeac7c-a98f-430f-8e38-67f9c044e299", "tenant_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e" }, "accept_vpc_info": { "vpc_id": "f583c072-0bb8-4e19-afb2-afb7c1693be5", "tenant_id": "059a737356594b41b447b557bf0aae56" }, "status": "ACTIVE" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 155
NormalResponseCode
Type Description
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
11.6 Refusing a VPC Peering Connection
FunctionAfter tenant A request to create a VPC peering connection with a VPC of tenant B. The VPCpeering connection takes effect only after tenant B accepts the request. However, tenant can
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 156
refuse the VPC peering connection request. This interface is used by a tenant to refuse a VPCpeering connection request initiated by another tenant.
API Format
Method URI Description
PUT /v2.0/vpc/peerings/{peering_id}/reject
Refuses the VPC peeringconnection request initiatedby another tenant.
Restrictions
N/A
Extension Description
N/A
Request Parameter
N/A
Response Parameter
Parameter
Type Mandatory
Description
peering Dict Yes Specifies the VPC peering connection object list. For details,see Table 11-1.
Example RequestPOST /v2.0/vpc/peerings/22b76469-08e3-4937-8c1d-7aad34892be1/reject
Example Response{ "peering": { "name": "test", "id": "22b76469-08e3-4937-8c1d-7aad34892be1" "request_vpc_info": { "vpc_id": "9daeac7c-a98f-430f-8e38-67f9c044e299", "tenant_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e" }, "accept_vpc_info": { "vpc_id": "f583c072-0bb8-4e19-afb2-afb7c1693be5", "tenant_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e" }, "status": "REJECTED" }}
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 157
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 158
11.7 Updating a VPC Peering Connection
FunctionUpdates a VPC peering connection.
API FormatMethod URI Description
PUT /v2.0/vpc/peerings/{peering_id} Updates a VPC peeringconnection.
RestrictionsN/A
Extension DescriptionN/A
Request ParameterParameter Type Mandatory Description
peering Dict Yes Updates a VPC peering connection.Mandatory: None. When updating a VPCpeering connection, you must specify atleast one attribute. Currently, only theVPC peering connection name can beupdated.
Response ParameterParameter Type Mandatory Description
peering Dict Yes Specifies the VPC peering connectionobject list. For details, see Table 11-1.
Example RequestPUT /v2.0/vpc/peerings/7a9a954a-eb41-4954-a300-11ab17a361a2 { "peering": { "name": "test2" } }
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 159
Example Response{ "peering": { "name": "test2", "id": "22b76469-08e3-4937-8c1d-7aad34892be1" "request_vpc_info": { "vpc_id": "9daeac7c-a98f-430f-8e38-67f9c044e299", "tenant_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e" }, "accept_vpc_info": { "vpc_id": "f583c072-0bb8-4e19-afb2-afb7c1693be5", "tenant_id": "059a737356594b41b447b557bf0aae56" }, "status": "ACTIVE" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 160
Returned Value Description
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
11.8 Deleting a VPC Peering Connection
Function
This interface is used to delete a VPC peering connection.
A VPC peering connection can be deleted either by the local or peer tenant.
API FormatMethod URI Description
DELETE /v2.0/vpc/peerings/{peering_id} Deletes a VPC peeringconnection.
Restrictions
N/A
Extension Description
N/A
Request Parameter
N/A
Response Parameter
N/A
Example RequestDELETE /v2.0/vpc/peerings/2b098395-046a-4071-b009-312bcee665cb
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 161
Example Response
N/A
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 162
Returned Value Description
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 11 VPC Peering Connection
Issue 01 (2017-12-31) 163
12 VPC Route
12.1 Overview
Object Introduction
Manage and perform other operations on VPC routes, including querying routes, creating aroute, querying a route, and deleting a route.
Object Model
Table 12-1 route object
Attribute Type CRUD
DefaultValue
Constraint
Description
id String R Automaticallygenerated
N/A Specifies the route ID.
destination String(64) CR N/A N/A Specifies the destinationIP address or CIDRblock.
nexthop String(64) CR N/A N/A Specifies the next hop. Ifthe route type is peering,enter the VPC peeringconnection ID.
type String(16) CR N/A Currently,the valuecan onlybepeering.
Specifies the route type.
vpc_id String CR N/A ExistingVPC ID
Specifies the VPC forwhich a route is to beadded.
Virtual Private CloudAPI Reference 12 VPC Route
Issue 01 (2017-12-31) 164
Attribute Type CRUD
DefaultValue
Constraint
Description
tenant_id String(255)
CR N/A N/A Specifies the tenant ID.Only the administratorcan specify the tenant IDof other tenants.
12.2 Querying VPC Routes
FunctionThis interface is used to query routes and display the routes in a list.
API FormatMethod
URI Description
GET /v2.0/vpc/routes?id={id}&vpc_id={vpc_id}&tenant_id={tenant_id}&destination={destination}&type={type}
Queries all routes of thetenant submitting therequest. The routes arefiltered by VPC ID.
RestrictionsN/A
Request ParameterNone
Response ParameterParameter Type Mandato
ryDescription
routes List (route) Yes Specifies the route object list. For details,see Table 12-1.
Example RequestGET /v2.0/vpc/routes?vpc_id=ab78be2d-782f-42a5-aa72-35879f6890ff
Example Response{ "routes": [
Virtual Private CloudAPI Reference 12 VPC Route
Issue 01 (2017-12-31) 165
{ "type": "peering", "nexthop": "60c809cb-6731-45d0-ace8-3bf5626421a9", "destination": "192.168.200.0/24", "vpc_id": "ab78be2d-782f-42a5-aa72-35879f6890ff", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "id": "3d42a0d4-a980-4613-ae76-a2cddecff054" } ] }
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
Virtual Private CloudAPI Reference 12 VPC Route
Issue 01 (2017-12-31) 166
Returned Value Description
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
12.3 Querying a VPC Route
FunctionThis interface is used to query details about a route.
API FormatMethod URI Description
GET /v2.0/vpc/routes/{route_id} Queries details about aspecified route.
RestrictionsN/A
Request ParameterNone
Response ParameterParameter Type Mandatory Description
route Dict Yes Specifies the route object list. For details,see Table 12-1.
Example RequestGET /v2.0/vpc/routes/60c809cb-6731-45d0-ace8-3bf5626421a9
Example Response{ "route": { "type": "peering", "nexthop": "60c809cb-6731-45d0-ace8-3bf5626421a9", "destination": "192.168.200.0/24",
Virtual Private CloudAPI Reference 12 VPC Route
Issue 01 (2017-12-31) 167
"vpc_id": "ab78be2d-782f-42a5-aa72-35879f6890ff", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "id": "3d42a0d4-a980-4613-ae76-a2cddecff054" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
Virtual Private CloudAPI Reference 12 VPC Route
Issue 01 (2017-12-31) 168
Returned Value Description
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
12.4 Creating a VPC Route
Function
This interface is used to create a route.
API FormatMethod URI Description
POST /v2.0/vpc/routes Creates a route.
Restrictions
N/A
Request ParameterParameter Type Mandatory Description
route Dict Yes Specifies the route object list. For details, seeTable 12-1.Mandatory fields: destination, nexthop, type,and vpc_id
Response ParameterParameter Type Mandatory Description
route Dict Yes Specifies the route object list. For details, seeTable 12-1.
Example RequestPOST /v2.0/vpc/routes { "route": { "type": "peering", "nexthop": "60c809cb-6731-45d0-ace8-3bf5626421a9",
Virtual Private CloudAPI Reference 12 VPC Route
Issue 01 (2017-12-31) 169
"destination": "192.168.200.0/24", "vpc_id": "ab78be2d-782f-42a5-aa72-35879f6890ff" }}
Example Response{ "route": { "type": "peering", "nexthop": "60c809cb-6731-45d0-ace8-3bf5626421a9", "destination": "192.168.200.0/24", "vpc_id": "ab78be2d-782f-42a5-aa72-35879f6890ff", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "id": "3d42a0d4-a980-4613-ae76-a2cddecff054" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
Virtual Private CloudAPI Reference 12 VPC Route
Issue 01 (2017-12-31) 170
Returned Value Description
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
12.5 Deleting a VPC Route
Function
This interface is used to delete a route.
API Format
Method URI Description
DELETE /v2.0/vpc/routes/{route_id} Deletes a route to which thespecified tenant has access.
Restrictions
N/A
Request Parameter
None
Response Parameter
None
Example RequestDELETE /v2.0/vpc/routes/60c809cb-6731-45d0-ace8-3bf5626421a9
Example ResponseNone (STATUS CODE 204)
Virtual Private CloudAPI Reference 12 VPC Route
Issue 01 (2017-12-31) 171
13 Port (Native OpenStack API)
13.1 Overview
Object IntroductionThis interface is used to manage and perform operations on ports, including querying ports,creating a port, querying a specified port, deleting a port, and updating a port.
Object Model
Table 13-1 port object
Attribute Type CRUD DefaultValue
Constraint Description
id Uuid-Str R Automaticallygenerated
N/A Specifies the portID. A maximumof 255 charactersare allowed.
name String(255) CRU None N/A Specifies the portname.
network_id Uuid-Str CR N/A The valuemust be anexistingnetwork ID.
Specifies the IDof the network towhich the portbelongs.
admin_state_up
Bool CRU true The valuecan only betrue orfalse.
Specifies theadministrativestatus.The value canonly be true.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 173
Attribute Type CRUD DefaultValue
Constraint Description
mac_address String(32) R Automaticallygenerated
The valuemust be avalid MACaddress.
Specifies the portMAC address.For example,"mac_address":"fa:16:3e:9e:ff:55".This value canonly bedynamicallyassigned by thesystem.
fixed_ips List(fixed_ips)
CRU Automaticallygenerated fromthe addresspool
Only onefixed IPaddress canbeconfiguredfor a port.
Specifies the portIP address. Fordetails, see thefixed_ips object.For example, thevalue is"fixed_ips":[{"subnet_id":"4dc70db6-cb7f-4200-9790-a6a910776bba","ip_address":"192.169.25.79"}].Only one fixed IPaddress can beconfigured foreach port, and theIP address cannotbe changed onceconfigured.
device_id String(255) CRUD None N/A Specifies thedevice ID.This value isautomaticallymaintained by thesystem andcannot be set orupdatedmanually. Theport with thisfield specifiedcannot bedeleted.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 174
Attribute Type CRUD DefaultValue
Constraint Description
device_owner
String(255) CRUD None N/A Specifies theDHCP, router orNova to which adevice belongs.This parametervalue cannot beupdated. You canonly setdevice_owner toneutron:VIP_PORT for a virtualIP address portduring portcreation. If thisparameter of aport is not leftblank, the portcan only bedeleted when thisparameter valueisneutron:VIP_PORT.The port with thisfield specifiedcannot bedeleted.
tenant_id String(255) CR N/A N/A Specifies thetenant ID. Onlythe administratorcan specify thetenant ID of othertenants.
status String(16) R N/A The valuecan only beACTIVE,BUILD, orDOWN.
Specifies the portstatus. The valuecan be ACTIVE,BUILD, orDOWN.The status of aHANA SR-IOVVM port isalways DOWN.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 175
Attribute Type CRUD DefaultValue
Constraint Description
security_groups
List(String) CRUD N/A SecuritygroupUUID orleft blank
Specifies theUUID of thesecurity group.For example,"security_groups": ["a0608cbf-d047-4f54-8b28-cd7b59853fff"].This is anextendedattribute.This parametercannot be leftblank.
allowed_address_pairs
List(allow_address_pair)
CRU N/A N/A Specifies the IPand MACaddress pair. Fordetails, see theallow_address_pair parameterstable. This is anextendedattribute.The IP addresscannot be 0.0.0.0.Configure anindependentsecurity group forthe port if a largeCIDR block(subnet mask lessthan 24) isconfigured forparameterallowed_address_pairs.In the hardwareSDN networkingplan, theip_addressattribute valuecannot be inCIDR format.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 176
Attribute Type CRUD DefaultValue
Constraint Description
extra_dhcp_opts
List(extra_dhcp_opt)
CRU N/A N/A Specifies theextended DHCPoption. This is anextendedattribute.
binding:vif_type
String(64) R N/A N/A Specifies the portvirtual interface(VIF) type. Thevalue can be ovsor hw_veb. Thisis an extendedattribute.This parameter isavailable only toadministrators.
binding:vif_details
Dict R N/A N/A Specifies the VIFdetails. Parameterovs_hybrid_plugspecifies whetherthe OVS/bridgehybrid mode isused.This parameter isunavailable tocommon tenants.
binding:host_id
String(255) R None N/A Specifies the hostID. This is anextendedattribute.This parameter isavailable only toadministrators.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 177
Attribute Type CRUD DefaultValue
Constraint Description
binding:profile
Dict CR None N/A Specifies theuser-definedsettings. This isan extendedattribute.Instructions:l The
disable_security_groupsfield is inboolean typeand isavailable tocommontenants. Thedefault valueis false. Inhigh-performancecommunication scenarios,you can setthe parametervalue to true,which makesthis parameterto be availableto commontenants. Youcan specifythis parameterwhen creatinga port.Currently, thevalue of thisparameter canonly be set totrue.Example:{"disable_security_groups":true },Currently, thevalue can onlybe set to true.When thevalue is set totrue, the
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 178
Attribute Type CRUD DefaultValue
Constraint Description
FWaaSfunction doesnot takeeffect.
l Other fieldsare availableonly toadministrators.
binding:vnic_type
String(64) R normal normal Specifies the typeof the boundvNIC.normal:Softswitch
port_security_enabled
Bool CRU true N/A Specifies whetherthe securityoption is enabledfor the port. If theoption is notenabled, thesecurity groupand DHCPsnooping do nottake effect.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 179
Attribute Type CRUD DefaultValue
Constraint Description
dns_assignment
List(Dict) R Automaticallygenerated
N/A Specifies thedefault privatenetwork domainname informationof the active NIC.This is anextendedattribute.The systemautomatically setsthis parameter,and you are notallowed toconfigure orchange theparameter value.l hostname:
dns_namevalue of theNIC
l ip_address:Private IPv4address of theNIC
l fqdn: Defaultprivatenetwork fullyqualifieddomain name(FQDN) ofthe IP address
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 180
Attribute Type CRUD DefaultValue
Constraint Description
dns_name String R Automaticallygenerated
N/A Specifies thedefault privatenetwork DNSname of theactive NIC. Thisis an extendedattribute.The systemautomatically setsthis parameter,and you are notallowed toconfigure orchange theparameter value.Before accessingthe defaultprivate networkdomain name,ensure that thesubnet uses theDNS provided bythe currentsystem.
Table 13-2 fixed_ip object
Attribute Type CRUD DefaultValue
Constraint Description
subnet_id Uuid-Str CRU Automaticallygenerated
The valuemust be anexistingsubnet ID.
Specifies the ID ofthe subnet towhich the portbelongs.This parametercannot be updated.
ip_address String(64) CRU Automaticallygenerated
The valuemust be avalid IPaddress.
Specifies the portIP address.This parametercannot be updated.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 181
Table 13-3 allow_address_pair object
Attribute Type CRUD
DefaultValue
Constraint Description
ip_address String(64)
CRU None Thisparametercannot beleft blank.
Specifies the IP address.This parameter cannot be0.0.0.0.
mac_address String(32)
CRU None N/A Specifies the MAC address.
Table 13-4 extra_dhcp_opt object
Attribute Type CRUD DefaultValue
Constraint Description
opt_name String(64) CRU None N/A Specifies theoption name.
opt_value String(255) CRU None N/A Specifies theoption value.
13.2 Querying Ports
FunctionThis interface is used to query ports.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 182
API FormatMethod URI Description
GET /v2.0/ports?id={port_id}&name={port_name }&admin_state_up={is_admin_status_up}&network_id={network_id}&mac_address={port_mac}&device_id={port_device_id}&device_owner={device_owner}&tenant_id={tenant_id}&status={port_status}&fixed_ips=ip_address={id_address}&fixed_ips=subnet_id={subnet_id}&dns_name={dns_name}
Queries all networksaccessible to the tenantsubmitting the request. Amaximum of 2000 recordscan be returned for eachquery operation. If thenumber of records exceeds2000, the pagination markerwill be returned. For details,see section A.4 Pagination.
RestrictionsN/A
Extension DescriptionN/A
Request ParameterN/A
Response ParameterParameter Type Mandat
oryDescription
ports List(port) Yes Specifies the port list. For details, seeTable 13-1.
Example Request[Example 1]
l Example JSON requestGET /v2.0/ports?limit=2&marker=0000f817-6d8d-46a0-85b7-2eb53a2e6bcb
l Example JSON response{ "ports": [ { "admin_state_up": true, "allowed_address_pairs": [],
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 183
"binding:vnic_type": "normal", "device_id": "dhcp4ebd0208-8328-5d69-8c44-ec50939c0967-babaf0c4-d6e5-409c-9bbc-ede841e010f0", "device_owner": "network:dhcp", "port_security_enabled":false, "extra_dhcp_opts": [], "fixed_ips": [ { "ip_address": "172.16.1.2", "subnet_id": "4d57c51a-e53c-4895-9dc4-23dec6bd6699" } ], "dns_name": "", "id": "0050d1cb-202a-4a46-8674-03eb6f06a814", "mac_address": "fa:16:3e:7f:ed:2c", "name": "distributed_dhcp_port", "network_id": "babaf0c4-d6e5-409c-9bbc-ede841e010f0", "security_groups": [], "status": "DOWN", "tenant_id": "3e4a1816927f405cacbc3dca1e05111e" }, { "admin_state_up": true, "allowed_address_pairs": [], "binding:host_id": "dummy_725DFB13-D21D-B211-9630-000000821800", "binding:vnic_type": "normal", "device_id": "3dc6d518-460e-47c1-a786-5ff2c382fdd6", "device_owner": "network:router_gateway", "port_security_enabled":false, "extra_dhcp_opts": [], "fixed_ips": [ { "ip_address": "10.10.10.53", "subnet_id": "bb739afa-d755-4cd9-a268-f419927c5a12" } ], "dns_name": "", "id": "0102ddd1-e444-4786-9897-d6ae8f6e27c1", "mac_address": "fa:16:3e:51:fd:8c", "name": "", "network_id": "f65e9ebc-ed5d-418b-a931-9a723718ba4e", "security_groups": [], "status": "ACTIVE", "tenant_id": "" } ], "ports_links": [ { "href": "https://network.localdomain.com:8020/v2.0/ports?limit=2&marker=0102ddd1-e444-4786-9897-d6ae8f6e27c1", "rel": "next" }, { "href": "https://network.localdomain.com:8020/v2.0/ports?limit=2&marker=0050d1cb-202a-4a46-8674-03eb6f06a814&page_reverse=True", "rel": "previous" } ]}
[Example 2]
l Example JSON requestGET /v2.0/ports?mac_address=fa:16:3e:f1:0b:09
l Example JSON response{ "ports": [ { "admin_state_up": true,
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 184
"allowed_address_pairs": [], "binding:vnic_type": "normal", "device_id": "e6c05704-c907-4cc1-8106-69b0996c43b9", "device_owner": "compute:az3.dc1", "port_security_enabled":true, "extra_dhcp_opts": [], "fixed_ips": [ { "ip_address": "172.16.0.37", "subnet_id": "b3ac1347-63f2-4e82-b853-3d86416a0db5" } ], "dns_assignment": [ { "hostname": "ip-172-16-0-37", "ip_address": "172.16.0.37", "fqdn": "ip-172-16-0-37.southchina.compute.internal." } ], "dns_name": "ip-172-16-0-37", "id": "7bb64706-6e46-4f94-a28a-4bc7caaab87d", "mac_address": "fa:16:3e:f1:0b:09", "name": "port_vm_50_3", "network_id": "a54e1b19-ce78-4b7e-b28b-d2d716cdc161", "security_groups": [ "ef69bc60-2f4b-4f97-b95b-e3b68df0c0b2" ], "status": "ACTIVE", "tenant_id": "6c9298ec8c874f7f99688489ab65f90e" } ]}
[Example 3]
l Example JSON requestGET /v2.0/ports?admin_state_up=False
l Example JSON response{ "ports": [
{ "admin_state_up": false, "allowed_address_pairs": [], "binding:vnic_type": "normal", "device_id": "", "device_owner": "", "port_security_enabled":true, "extra_dhcp_opts": [], "fixed_ips": [ { "ip_address": "10.100.100.62", "subnet_id": "9b28f20c-0234-419f-a0b4-4a84f182f64b" } ], "dns_name": "", "id": "ffc0bdee-8413-4fa2-bd82-fa8efe5b3a87", "mac_address": "fa:16:3e:2b:bc:57", "name": "small_net_port", "network_id": "b299b151-7a66-4c6f-a313-cdd3b5724296", "security_groups": [ "ef69bc60-2f4b-4f97-b95b-e3b68df0c0b2" ], "status": "DOWN", "tenant_id": "6c9298ec8c874f7f99688489ab65f90e" } ]}
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 185
[Example 4]
l Example JSON requestGET /v2.0/ports?device_id=e6c05704-c907-4cc1-8106-69b0996c43b9
l Example JSON response{ "ports": [ { "admin_state_up": true, "allowed_address_pairs": [], "binding:vnic_type": "normal", "device_id": "e6c05704-c907-4cc1-8106-69b0996c43b9", "device_owner": "compute:az3.dc1", "port_security_enabled":true, "extra_dhcp_opts": [], "fixed_ips": [ { "ip_address": "10.1.0.37", "subnet_id": "b3ac1347-63f2-4e82-b853-3d86416a0db5" } ], "dns_assignment": [ { "hostname": "ip-10-1-0-37", "ip_address": "10.1.0.37", "fqdn": "ip-10-1-0-37.xxx.compute.internal."//xxx indicates the region name. } ], "dns_name": "ip-10-1-0-37", "id": "7bb64706-6e46-4f94-a28a-4bc7caaab87d", "mac_address": "fa:16:3e:f1:0b:09", "name": "port_vm_50_3", "network_id": "a54e1b19-ce78-4b7e-b28b-d2d716cdc161", "security_groups": [ "ef69bc60-2f4b-4f97-b95b-e3b68df0c0b2" ], "status": "ACTIVE", "tenant_id": "6c9298ec8c874f7f99688489ab65f90e" } ]}
[Example 5]
l Example JSON requestGET /v2.0/ports?tenant_id=6c9298ec8c874f7f99688489ab65f90e&name=port_vm_50_3
l Example JSON response{ "ports": [ { "admin_state_up": true, "allowed_address_pairs": [], "binding:vnic_type": "normal", "device_id": "e6c05704-c907-4cc1-8106-69b0996c43b9", "device_owner": "compute:az3.dc1", "port_secuirty_enabled":true, "extra_dhcp_opts": [], "fixed_ips": [ { "ip_address": "10.1.0.37", "subnet_id": "b3ac1347-63f2-4e82-b853-3d86416a0db5" } ], "dns_assignment": [ { "hostname": "ip-10-1-0-37", "ip_address": "10.1.0.37",
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 186
"fqdn": "ip-10-1-0-37.xxx.compute.internal."//xxx indicates the region name. } ], "dns_name": "ip-10-1-0-37", "id": "7bb64706-6e46-4f94-a28a-4bc7caaab87d", "mac_address": "fa:16:3e:f1:0b:09", "name": "port_vm_50_3", "network_id": "a54e1b19-ce78-4b7e-b28b-d2d716cdc161", "security_groups": [ "ef69bc60-2f4b-4f97-b95b-e3b68df0c0b2" ], "status": "ACTIVE", "tenant_id": "6c9298ec8c874f7f99688489ab65f90e" } ]}
[Example 6]
l Example JSON requestGET /v2.0/ports?name=port_vm_50_3
l Example JSON response{ "ports": [ { "status": "DOWN", "allowed_address_pairs": [], "extra_dhcp_opts": [], "device_owner": "", "port_security_enabled":true, "fixed_ips": [ { "subnet_id": "391c74f7-e3b1-405c-8473-2f71a0aec7dc", "ip_address": "10.1.0.33" } ], "dns_name": "", "id": "0f405555-739f-4a19-abb7-ec11d005b3a9", "security_groups": [ "043548bc-1020-4be0-885a-caac8530e8f6" ], "device_id": "", "port_security_enabled":true, "name": "port_vm_50_3", "admin_state_up": true, "network_id": "9898a82d-7795-4ad5-bf2c-0ed8b822be4f", "tenant_id": "3e4a1816927f405cacbc3dca1e05111e", "binding:vnic_type": "normal", "mac_address": "fa:16:3e:b0:d9:cf" }, { "status": "ACTIVE", "allowed_address_pairs": [], "extra_dhcp_opts": [], "device_owner": "compute:az3.dc1", "port_security_enabled":true, "fixed_ips": [ { "subnet_id": "b3ac1347-63f2-4e82-b853-3d86416a0db5", "ip_address": "10.1.0.37" } ], "dns_assignment": [ { "hostname": "ip-10-1-0-37", "ip_address": "10.1.0.37", "fqdn": "ip-10-1-0-37.xxx.compute.internal."//xxx indicates the region name.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 187
} ], "dns_name": "ip-10-1-0-37", "id": "7bb64706-6e46-4f94-a28a-4bc7caaab87d", "security_groups": [ "ef69bc60-2f4b-4f97-b95b-e3b68df0c0b2" ], "device_id": "e6c05704-c907-4cc1-8106-69b0996c43b9", "name": "port_vm_50_3", "admin_state_up": true, "network_id": "a54e1b19-ce78-4b7e-b28b-d2d716cdc161", "tenant_id": "6c9298ec8c874f7f99688489ab65f90e", "binding:vnic_type": "normal", "mac_address": "fa:16:3e:f1:0b:09" } ]}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 188
Returned Value Description
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
13.3 Querying a Port
Function
This interface is used to query details about a specified port.
API Format
Method URI Description
GET /v2.0/ports/{port_id} Queries details about thespecified port.
Restrictions
N/A
Extension Description
N/A
Request Parameter
N/A
Response Parameter
Parameter Type Mandatory Description
port Dict Yes Specifies the port list. For details, seeTable 13-1.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 189
Example RequestGET /v2.0/ports/08db2f8b-8887-4c84-b68b-905582c45c8f
Example Response{ "port": { "status": "ACTIVE", "allowed_address_pairs": [ ], "extra_dhcp_opts": [ ], "device_owner": "compute:az3.dc1", "port_security_enabled":true, "fixed_ips": [ { subnet_id": "b3ac1347-63f2-4e82-b853-3d86416a0db5", ip_address": "10.1.0.36" } ], "dns_assignment": [ { "hostname": "ip-10-1-0-36", "ip_address": "10.1.0.36", "fqdn": "ip-10-1-0-36.xxx.compute.internal."//xxx indicates the region name. } ], "dns_name": "ip-10-1-0-36", "id": "20a2782c-bfb7-4775-a553-9253ab0e3365", "security_groups": [ "ef69bc60-2f4b-4f97-b95b-e3b68df0c0b2" ], "device_id": "0bd481a0-7dc5-4a3c-bb7b-2553437cd7a5", "name": "port_vm_50_2", "admin_state_up": true, "network_id": "a54e1b19-ce78-4b7e-b28b-d2d716cdc161", "tenant_id": "6c9298ec8c874f7f99688489ab65f90e", "binding:vnic_type": "normal", "mac_address": "fa:16:3e:ab:1f:a5" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 190
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
13.4 Creating a Port
FunctionThis interface is used to create a port.
API FormatMethod URI Description
POST /v2.0/ports Creates a port.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 191
RestrictionsN/A
Extension DescriptionN/A
Request ParameterParameter
Type Mandatory
Description
port Dict Yes Specifies the port list. For details, see Table 13-1.Mandatory field: network_id
Response ParameterParameter
Type Mandatory
Description
port Dict Yes Specifies the port information. For details, see the Portsobject model.
Example RequestPOST /v2.0/ports{ "port": { "admin_state_up": true,
"fixed_ips": [ { "ip_address": "10.1.0.150", "subnet_id": "b3ac1347-63f2-4e82-b853-3d86416a0db5" } ], "name": "test", "network_id": "a54e1b19-ce78-4b7e-b28b-d2d716cdc161", "tenant_id": "6c9298ec8c874f7f99688489ab65f90e" }}
Example Response{ "port": { "admin_state_up": true, "allowed_address_pairs": [], "binding:host_id": "az3.dc1", "binding:profile": {},
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 192
"binding:vif_details": { "ovs_hybrid_plug": true, "port_filter": true }, "binding:vif_type": "ovs", "binding:vnic_type": "normal", "device_id": "", "device_owner": "compute:az3.dc1", "port_security_enabled":true, "extra_dhcp_opts": [], "fixed_ips": [ { "ip_address": "10.1.0.150", "subnet_id": "b3ac1347-63f2-4e82-b853-3d86416a0db5" } ], "dns_assignment": [ { "hostname": "ip-10-1-0-150", "ip_address": "10.1.0.150", "fqdn": "ip-10-1-0-150.xxx.compute.internal."//xxx indicates the region name. } ], "dns_name": "ip-10-1-0-150", "id": "7a9a954a-eb41-4954-a300-11ab17a361a2", "mac_address": "fa:16:3e:7f:60:cb", "name": "test", "network_id": "a54e1b19-ce78-4b7e-b28b-d2d716cdc161", "security_groups": [ "ef69bc60-2f4b-4f97-b95b-e3b68df0c0b2" ], "status": "DOWN", "tenant_id": "6c9298ec8c874f7f99688489ab65f90e" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 193
Returned Value Description
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
13.5 Updating a Port
Function
This interface is used to update a port.
API Format
Method URI Description
PUT /v2.0/ports/{port_id} Updates a port.
Restrictions
N/A
Extension Description
N/A
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 194
Request Parameter
Parameter
Type
Mandatory
Description
ports Dict Yes Specifies the port list. For details, see Table 13-1.This parameter has no mandatory fields. You must specifyat least one attribute when updating the port.
Response Parameter
Parameter
Type Mandatory
Description
ports Dict Yes Specifies the port list. For details, see Table 13-1.
Example RequestPUT /v2.0/ports/ 7a9a954a-eb41-4954-a300-11ab17a361a2{ "port": { "name": "test2" }}
Example Response{ "port": { "admin_state_up": false, "allowed_address_pairs": [], "binding:vnic_type": "normal", "device_id": "6c9298ec8c874f7f99688489ab65f903", "device_owner": "test", "port_security_enabled":true, "extra_dhcp_opts": [], "fixed_ips": [ { "ip_address": "10.1.0.198", "subnet_id": "b3ac1347-63f2-4e82-b853-3d86416a0db5" } ], "dns_name": "", "id": "7a9a954a-eb41-4954-a300-11ab17a361a2", "mac_address": "fa:16:3e:7f:60:cb", "name": "test2", "network_id": "a54e1b19-ce78-4b7e-b28b-d2d716cdc161", "security_groups": [ "ef69bc60-2f4b-4f97-b95b-e3b68df0c0b2" ], "status": "BUILD", "tenant_id": "6c9298ec8c874f7f99688489ab65f90e" }}
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 195
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 196
13.6 Deleting a Port
Function
This interface is used to delete a port.
API FormatMethod URI Description
DELETE /v2.0/ports/{port_id} Deletes a port.
Restrictionsl A port with device_owner set to a value other than neutron:VIP_PORT cannot be
deleted.l A port with device_id specified cannot be deleted.
Extension Description
N/A
Request Parameter
N/A
Response Parameter
N/A
Example RequestDELETE /v2.0/ports/2b098395-046a-4071-b009-312bcee665cb
Example Response
N/A
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET and PUToperations.
201 Created Specifies the normal response code for the POSToperation.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 197
NormalResponseCode
Type Description
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 13 Port (Native OpenStack API)
Issue 01 (2017-12-31) 198
14 Network (Native OpenStack API)
14.1 Overview
Object IntroductionThis interface is used to manage and perform operations on network resources, includingquerying networks, creating a network, querying a specified network, deleting a network, andupdating a network.
Object Model
Table 14-1 network object
Attribute Type CRUD DefaultValue
Constraint Description
status String R ACTIVE N/A Specifies the networkstatus. The value canbe ACTIVE, BUILD,DOWN, or ERROR.
subnets List(Uuid-str)
R Empty list N/A Specifies IDs of thesubnets associatedwith this network. TheIDs are in a list.Only one subnet canbe associated witheach network.
name String(255)
CRU None N/A Specifies the networkname.The name cannot beadmin_external_net.
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 199
Attribute Type CRUD DefaultValue
Constraint Description
router:external
Bool CRU false The valuecan only betrue orfalse.
Specifies whether thenetwork is an externalnetwork. This is anextended attribute.This attribute is foradministrators only.Tenants cannotconfigure or updatethis attribute and canonly query it.
admin_state_up
Bool CRU true The valuecan only betrue orfalse.
Specifies theadministrative status.The value can only betrue.
tenant_id String(255)
CR N/A N/A Specifies the tenantID. Only theadministrator canspecify the tenant IDof other tenants.
shared Bool CRU false The valuecan only betrue orfalse.
Specifies whether thenetwork can be sharedby different tenants.This attribute is foradministrators only.Tenants cannotconfigure or updatethis attribute and canonly query it.
id Uuid-str R Automaticallygenerated
N/A Specifies the networkID.
provider:physical_network
String(64) CR N/A N/A Specifies the physicalnetwork used by thisnetwork. This is anextended attribute.This attribute isavailable only toadministrators.
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 200
Attribute Type CRUD DefaultValue
Constraint Description
provider:network_type
String(32) CR N/A The valuecan only bevlan, vxlan,flat, local,geneve, orgre.
Specifies the networktype. Only theVXLAN andGENEVE networksare supported. This isan extended attribute.This attribute isavailable only toadministrators. OnlyGENEVE tenants canperform operations onthis attribute.
provider:segmentation_id
Int CR N/A VLAN: 1 to4094VXLAN: 1to 16million
Specifies the networksegment ID. The valueis a VLAN ID for aVLAN network and isa VNI for a VXLANnetwork. This is anextended attribute.This attribute isavailable only toadministrators.
segments List(segment)
CR N/A N/A Specifies a list ofproviders. This is anextended attribute.This attribute isincompatible with thepreceding threeprovider attributes.This attribute isavailable only toadministrators.
availability_zone_hints
List<String>
R N/A N/A Specifies theavailability zonesavailable to thisnetwork. The currentversion does notsupport cross-availability-zonenetwork scheduling.An empty list isreturned.
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 201
Attribute Type CRUD DefaultValue
Constraint Description
availability_zones
List<String>
R N/A N/A Specifies theavailability zone ofthis network.An empty list isreturned.
port_security_enabled
Bool CRU true N/A Specifies whether thesecurity option isenabled for the port. Ifthe option is notenabled, the securitygroup and DHCPsnooping settings ofall VMs in thenetwork do not takeeffect.
dns_domain String(255)
R Automaticallygenerated
N/A Specifies the defaultprivate network DNSdomain address. Thesystem automaticallysets this parameter,and you are notallowed to configureor change theparameter value.
14.2 Querying Networks
FunctionThis interface is used to query networks using search criteria and to display the networks in alist.
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 202
API FormatMethod URI Description
GET /v2.0/networks?id={network_id}&status={network_status}&name={network_name}&admin_state_up={is_admin_status_up}&tenant_id={tenant_id}&shared={is_shared}&provider:network_type={geneve}
Queries all networksaccessible to the tenantsubmitting the request. Amaximum of 2000 recordscan be returned for eachquery operation. If thenumber of records exceeds2000, the pagination markerwill be returned. For details,see section A.4 Pagination.
RestrictionsN/A
Request ParameterNone
Response ParameterParameter Type Mandatory Description
networks List (network) Yes Specifies the network list. For details,see Table 14-1.
Example RequestGET /v2.0/networks
Example Response{ "networks": [ { "status": "ACTIVE", "availability_zone_hints": [ ], "availability_zones": [ ], "subnets": [ "ab78be2d-782f-42a5-aa72-35879f6890ff" ], "router:external": false, "shared": false, "port_security_enabled":true, "name": "testnet01", "admin_state_up": true, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "dns_domain":"xxx.compute.internal.",//xxx indicates the region name. "id": "3d42a0d4-a980-4613-ae76-a2cddecff054" }, {
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 203
"status": "ACTIVE", "availability_zone_hints": [ ], "availability_zones": [ ], "subnets": [ ], "router:external": false, "shared": false, "port_security_enabled":true, "name": "demo-net", "admin_state_up": true, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "dns_domain":"southchina.compute.internal.", "id": "60c809cb-6731-45d0-ace8-3bf5626421a9" }, { "status": "ACTIVE", "availability_zone_hints": [ ], "availability_zones": [ ], "subnets": [ "132dc12d-c02a-4c90-9cd5-c31669aace04" ], "router:external": false, "shared": false, "port_security_enabled":true, "name": "publicnet", "admin_state_up": true, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "dns_domain":"xxx.compute.internal.",//xxx indicates the region name. "id": "9daeac7c-a98f-430f-8e38-67f9c044e299" } ]}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 204
Returned Value Description
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
14.3 Querying Network Details
FunctionThis interface is used to query details about a network.
API FormatMethod URI Description
GET /v2.0/networks/{network-id} Queries details about thespecified network.
RestrictionsN/A
Request ParameterNone
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 205
Response Parameter
Parameter Type Mandatory Description
network Dict Yes Specifies the network list. For details, seeTable 14-1.
Example RequestGET /v2.0/networks/60c809cb-6731-45d0-ace8-3bf5626421a9
Example Response{ "network": { "status": "ACTIVE", "subnets": [ ], "availability_zone_hints": [ ], "availability_zones": [ ], "name": "demo-net", "admin_state_up": true, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "router:external": false, "shared": false, "port_security_enabled":true, "dns_domain":"xxx.compute.internal.",//xxx indicates the region name. "id": "60c809cb-6731-45d0-ace8-3bf5626421a9" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 206
Returned Value Description
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
14.4 Creating a Network
FunctionThis interface is used to create a network.
API FormatMethod URI Description
POST /v2.0/networks Creates a network.
RestrictionsN/A
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 207
Request ParameterParameter Type Mandatory Description
network Dict Yes Specifies the network list. For details, see Table14-1.This parameter has no mandatory fields.
Response ParameterParameter Type Mandatory Description
network Dict Yes Specifies the network list. For details, seeTable 14-1.
Example RequestPOST /v2.0/networks{ "network": { "shared": false, "name": "demo-net", "admin_state_up": true, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4" }}
Example Response{ "network": { "status": "ACTIVE", "subnets": [ ], "availability_zone_hints": [ ], "availability_zones": [ ], "name": "demo-net", "provider:physical_network": "physnet1", "admin_state_up": true, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4", "provider:network_type": "vlan", "router:external": false, "shared": false, "port_security_enabled":true, "dns_domain":"xxx.compute.internal.",//xxx indicates the region name. "id": "ca7192a3-867c-42c1-bfd8-6bb777bae6cf", "provider:segmentation_id": 55 }}
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 208
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 209
14.5 Updating a Network
Function
This interface is used to update a network.
API Format
Method URI Description
PUT /v2.0/networks/{network-id} Updates a network.
Restrictions
N/A
Extension Description
N/A
Request Parameter
Parameter Type Mandatory Description
networks Dict Yes Specifies the network list. For details, seeTable 14-1.This parameter has no mandatory fields. Youmust specify at least one attribute whenupdating the port.
Response Parameter
Parameter Type Mandatory Description
networks Dict Yes Specifies the subnet metadata. For details, seeTable 14-1.
Example RequestPUT /v2.0/networks/7a9a954a-eb41-4954-a300-11ab17a361a2{ "network": { "name": "sample_network, "qos_policy_id": "6a8454ade84346f59e8d40665f878b2e" }}
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 210
Example Response{ "network": { "admin_state_up": true, "availability_zone_hints": [], "availability_zones": [ "nova" ], "created_at": "2016-03-08T20:19:41", "dns_domain":"xxx.compute.internal.",//xxx indicates the region name. "id": "7a9a954a-eb41-4954-a300-11ab17a361a2", "mtu": 1500, "name": "sample_network_5_updated", "port_security_enabled": true, "project_id": "4fd44f30292945e481c7b8a0c8908869", "qos_policy_id": "6a8454ade84346f59e8d40665f878b2e", "router:external": false, "shared": false, "status": "ACTIVE", "subnets": [ "54d6f61d-db07-451c-9ab3-b9609b6b6f0b" ], "tenant_id": "4fd44f30292945e481c7b8a0c8908869", "updated_at": "2016-03-08T20:19:41", "vlan_transparent": false, "description": "" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 211
Returned Value Description
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
14.6 Deleting a Network
Function
This interface is used to delete a network.
API Format
Method URI Description
DELETE /v2.0/networks/{network-id} Deletes all networks towhich the specified tenanthas access.
Restrictions
N/A
Request Parameter
None
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 212
Response ParameterNone
Example RequestDELETE /v2.0/networks/60c809cb-6731-45d0-ace8-3bf5626421a9
Example ResponseNone (STATUS CODE 204)
Error CodesN/A
Virtual Private CloudAPI Reference 14 Network (Native OpenStack API)
Issue 01 (2017-12-31) 213
15 Subnet (Native OpenStack API)
15.1 Overview
Object Introduction
This interface is used to manage and perform operations on subnet resources, includingquerying subnets, creating a subnet, querying a specified subnet, deleting a subnet, andupdating a subnet.
Object Model
Table 15-1 subnet object
Attribute Type CRUD DefaultValue
Constraint Description
id Uuid-str R Automatically generated
N/A Specifies the subnetID.
name String(255)
CRU None N/A Specifies the subnetname.
ip_version Int CR N/A The valuecan only be4 or 6.
Specifies theInternet Protocol(IP) version.Only IPv4 issupported.
ipv6_address_mode
String CR N/A The valuecan only bedhcpv6-stateful,dhcpv6-stateless, orslaac.
Specifies the IPv6addressing mode.This attribute is notsupported.
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 214
Attribute Type CRUD DefaultValue
Constraint Description
ipv6_ra_mode
String CR N/A The valuecan only bedhcpv6-stateful,dhcpv6-stateless, orslaac.
Specifies the IPv6route broadcastmode.This attribute is notsupported.
network_id Uuid-str CR N/A The valuemust be anexistingnetwork ID.
Specifies the ID ofthe network towhich the subnetbelongs.
cidr String(64) CR N/A The valuemust be inthe validCIDRformat.
Specifies the CIDRformat.Only the addressesin the 10.0.0.0/8,172.16.0.0/12, and192.168.0.0/16network segmentsare supported. Inaddition, the subnetmask cannot begreater than 28.
gateway_ip String(64) CRUD First IPaddress in aCIDR block
The valuemust be avalid IPaddress ornull.
The gateway IPaddress cannotconflict with IPaddressesconfigured forallocation_pools.(If the parametervalue is changed,this change doesnot take effect inthe L3 plug-indelivered withFusionSphereOpenStackV100R006C10.)
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 215
Attribute Type CRUD DefaultValue
Constraint Description
allocation_pools
List(allocation_pool)
CR All IPaddresses ina CIDRblockexceptingthe gatewayandbroadcastaddresses
The startand end IPaddressesmust bevalid.
Specifies theavailable IP addresspool. For detailsabout theallocation_poolobject, see Table15-2.For example,[ { "start":"10.0.0.2", "end":"10.0.0.251"} ]The first and thelast four IPaddresses in eachsubnet are the onesreserved by thesystem. Forexample, in subnet192.168.1.0/24, IPaddresses192.168.1.0,192.168.1.252,192.168.1.253,192.168.1.254, and192.168.1.255 arereserved by thesystem. By default,the IP addressesreserved by thesystem are not inthe IP address poolspecified byallocation_pool.When updating anIP address pool, theallocation_poolvalue can containneither gateway norbroadcast IPaddresses.
dns_nameservers
List(String)
CRU Empty list A maximumof five DNSserveraddressesaresupported.
Specifies the DNSserver address.For example,"dns_nameservers":["8.8.8.8","8.8.4.4"].
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 216
Attribute Type CRUD DefaultValue
Constraint Description
host_routes List(host_route)
CRU Empty list A maximumof 20 staticVM routesaresupported.
Specifies the staticVM routes. Fordetails, see thehost_route object.Static routes are notsupported, andentered informationwill be ignored.
tenant_id String(255)
CR N/A N/A Specifies the tenantID. Only theadministrator canspecify the tenantID of other tenants.
enable_dhcp Bool CRU true The valuecan only betrue orfalse.
Specifies whetherto enable the DHCPfunction. Valuefalse indicates thatthe DHCP functionis not enabled.The value can onlybe true.
Table 15-2 allocation_pool object
Parameter Type Constraint Mandatory Remarks
start String(64) The valuemust be avalid IPaddress.
No Specifies the start IPaddress of a network pool.
end String(64) The valuemust be avalid IPaddress.
No Specifies the end IPaddress of a network pool.
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 217
Table 15-3 host_route object
Parameter Type Constraint Mandatory Remarks
destination String(64) The valuemust be inthe validCIDRformat.
No Specifies the destinationsubnet of a route.
nexthop String(64) The valuemust be avalid IPaddress.
No Specifies the next-hop IPaddress of a route.
15.2 Querying Subnets
FunctionThis interface is used to query subnets using search criteria and to display the subnets in a list.
API FormatMethod URI Description
GET /v2.0/subnets?name={subnet_name }&ip_version={ip_version}&network_id={network_id}&cidr={subnet_cidr_address}&gateway_ip={subnet_gateway}&tenant_id={tenant_id}&enable_dhcp={is_enable_dhcp}
Queries all subnetsaccessible to the tenantsubmitting the request. Amaximum of 2000 recordscan be returned for eachquery operation. If thenumber of records exceeds2000, the pagination markerwill be returned. For details,see section A.4 Pagination.
RestrictionsN/A
Request ParameterNone
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 218
Response ParameterParameter Type Mandatory Description
subnets List(subnet) Yes Specifies the subnet list. For details,see Table 15-1.
Example Request{ "subnets": [ { "name": "", "enable_dhcp": true, "network_id": "9daeac7c-a98f-430f-8e38-67f9c044e299", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "dns_nameservers": [,],"allocation_pools": [ { "start": "192.150.73.2", "end": "192.150.73.254" } ], "host_routes": [], "ip_version": 4, "gateway_ip": "192.150.73.1", "cidr": "192.150.73.0/24", "id": "132dc12d-c02a-4c90-9cd5-c31669aace04" }, { "name": "testsubnet", "enable_dhcp": true, "network_id": "60c809cb-6731-45d0-ace8-3bf5626421a9", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "dns_nameservers": [ "8.8.4.4", "8.8.8.8" ], "allocation_pools": [ { "start": "10.0.10.2", "end": "10.0.10.254" } ], "host_routes": [], "ip_version": 4, "gateway_ip": "10.0.10.1", "cidr": "10.0.10.0/24", "id": "e0fa7de1-a6e2-44c9-b052-b9d8cebe93c4" }, { "name": "subnet02", "enable_dhcp": true, "network_id": "3d42a0d4-a980-4613-ae76-a2cddecff054", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "dns_nameservers": [ "8.8.8.7", "8.8.8.8" ], "allocation_pools": [ { "start": "10.1.1.2", "end": "10.1.1.254" } ], "host_routes": [],
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 219
"ip_version": 4, "gateway_ip": "10.1.1.1", "cidr": "10.1.1.0/24", "id": "e25189a8-54df-4948-9396-d8291ffc92a0" } ]}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 220
Returned Value Description
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
15.3 Querying a Subnet
FunctionThis interface is used to query details about a subnet.
API FormatMethod URI Description
GET /v2.0/subnets/{subnet-id} Queries details about thespecified subnet.
RestrictionsN/A
Request ParameterNone
Response ParameterParameter Type Mandatory Description
subnet Dict Yes Specifies the subnet list. For details,see Table 15-1.
Example RequestGET /v2.0/subnets/e0fa7de1-a6e2-44c9-b052-b9d8cebe93c4
Example Response{ "subnet": { "name": "testsubnet", "enable_dhcp": true, "network_id": "60c809cb-6731-45d0-ace8-3bf5626421a9", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "dns_nameservers": [ "8.8.8.7", "8.8.8.8"
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 221
], "allocation_pools": [ { "start": "10.0.10.2", "end": "10.0.10.254" } ], "host_routes": [], "ip_version": 4, "gateway_ip": "10.0.10.1", "cidr": "10.0.10.0/24", "id": "e0fa7de1-a6e2-44c9-b052-b9d8cebe93c4" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 222
Returned Value Description
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
15.4 Creating a Subnet
Function
This interface is used to create a subnet.
API Format
Method URI Description
POST /v2.0/subnets Creates a subnet.
Restrictions
N/A
Request Parameter
Parameter Type Mandatory Description
subnet dict Yes Specifies the subnet list. For details, seeTable 15-1.Mandatory fields: network_id and cidr
Response Parameter
Parameter Type Mandatory Description
subnet dict Yes Specifies the subnet list. For details, seeTable 15-1.
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 223
Example RequestPOST /v2.0/subnets{ "subnet": { "name": "testsubnet", "enable_dhcp": true, "network_id": "60c809cb-6731-45d0-ace8-3bf5626421a9", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "dns_nameservers": [ "8.8.8.8", "8.8.8.7" ], "allocation_pools": [ { "start": "10.0.10.2", "end": "10.0.10.254" } ], "host_routes": [], "ip_version": 4, "gateway_ip": "10.0.10.1", "cidr": "10.0.10.0/24" }}
Example Response{ "subnet": { "name": "testsubnet", "enable_dhcp": true, "network_id": "60c809cb-6731-45d0-ace8-3bf5626421a9", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "dns_nameservers": [ "8.8.8.7", "8.8.8.8" ], "allocation_pools": [ { "start": "10.0.10.2", "end": "10.0.10.254" } ], "host_routes": [], "ip_version": 4, "gateway_ip": "10.0.10.1", "cidr": "10.0.10.0/24", "id": "e0fa7de1-a6e2-44c9-b052-b9d8cebe93c4" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 224
NormalResponseCode
Type Description
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
15.5 Updating a Subnet
Function
This interface is used to update information about a subnet.
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 225
API FormatMethod URI Description
PUT /v2.0/subnets/{subnet-id} Updates a subnet.
RestrictionsWhen updating the allocation_pools field, neither gateway nor broadcast IP addresses can beincluded.
Request ParameterParameter Type Mandatory Description
subnet dict Yes Specifies the subnet list. For details, seeTable 15-1.This parameter has no mandatory fields. Youmust specify at least one attribute whenupdating the subnet.
Response ParameterParameter Type Mandatory Description
subnet dict Yes Specifies the subnet list. For details,see Table 15-1.
Example RequestPUT /v2.0/subnets/907c9a08-7b14-4863-9d9c-9f6b93fa987a{ "subnet": { "name": "testsubnet", "dns_nameservers": [ "1.1.1.1", "2.2.2.2" ], "enable_dhcp": true }}
Example Response{ "subnet": { "name": "testsubnet", "enable_dhcp": true, "network_id": "9daeac7c-a98f-430f-8e38-67f9c044e299", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "dns_nameservers": [ "1.1.1.1", "2.2.2.2"
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 226
], "allocation_pools": [ { "start": "10.0.10.2", "end": "10.0.10.254" } ], "host_routes": [], "ip_version": 4, "gateway_ip": "10.0.10.1", "cidr": "10.0.10.0/24", "id": "907c9a08-7b14-4863-9d9c-9f6b93fa987a" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 227
Returned Value Description
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
15.6 Deleting a Subnet
Function
This interface is used to delete a subnet.
API Format
Method URI Description
DELETE /v2.0/subnets/{subnet-id} Deletes a subnet.
Restrictions
N/A
Request Parameter
None
Response Parameter
None
Example RequestDELETE /v2.0/subnets/74259164-e63a-4ad9-9c77-a1bd2c9aa187
Example Response
None
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 228
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 15 Subnet (Native OpenStack API)
Issue 01 (2017-12-31) 229
16 Router (Native OpenStack API)
16.1 Overview
Object IntroductionThis interface is used to manage and perform operations on router resources, includingquerying routers, creating a router, querying a specified router, deleting a router, and updatinga router.
Response Parameter
Table 16-1 router object
Attribute Type CRUD DefaultValue
Constraint Description
id Uuid-str R Automaticallygenerated
N/A Specifies the routerID.
name String(64) CRU None N/A Specifies the routername.The name can containonly digits, letters,underscores (_), andhyphens (-).
admin_state_up
Bool CRU true The valuecan only betrue or false.
Specifies theadministrative status.The value can only betrue.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 230
Attribute Type CRUD DefaultValue
Constraint Description
status String R N/A N/A Specifies the routerstatus. The value canbe ACTIVE,DOWN, or ERROR.
tenant_id String(255) CR N/A N/A Specifies the tenantID. Only theadministrator canspecify the tenant IDof other tenants.
external_gateway_info
Dict CRU N/A N/A Specifies the externalgateway information.This is an extendedattribute. For details,see Table 16-2.
routes List(route) RU N/A N/A Specifies informationabout the routes. Thisis an extendedattribute. For details,see Table 16-3.
distributed Bool CRU False The valuecan only betrue or false.
Specifies thedistributeddeployment mode.Administratorpermission required.
ha Bool CR False The valuecan only betrue or false.
Specifies the HAdeployment mode.Administratorpermission required.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 231
Table 16-2 external_gateway_info object
Attribute Type CRUD DefaultValue
Constraint Description
network_id Uuid-str CRU N/A N/A Specifies the UUIDof the externalnetwork.You can use GET /v2.0/networks?router:external=True or run theneutron net-external-listcommand to queryinformation aboutthe external network.
enable_snat Bool CRU N/A N/A Specifies whetherthe SNAT function isenabled.The default value isfalse.
Table 16-3 route object
Attribute Type CRUD DefaultValue
Constraint Description
destination String RU N/A The prefixcannot bethe same asthat of adirect route.
Specifies the IP addresssegment. You can onlyconfigure the defaultroute, and its value canonly be 0.0.0.0/0.
nexthop String RU N/A N/A Specifies the next hopIP address. The IPaddress can only be onein the subnet associatedwith the router.
16.2 Querying Routers
FunctionThis interface is used to query routers.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 232
API FormatMethod URI Description
GET /v2.0/routers?id={ id }&name={ name }&admin_state_up={admin_state_up}&tenant_id={tenant_id}&status={status}
Queries all routersaccessible to the tenantsubmitting the request.
RestrictionsN/A
Request ParameterNone
Response ParameterParameter Type Mandatory Description
routers List(router) Yes Specifies the router list. For details,see Table 16-1.
Example RequestGET/v2.0/routers
Example Response{ "routers": [ { "status": "ACTIVE", "external_gateway_info": { "network_id": "9daeac7c-a98f-430f-8e38-67f9c044e299", "enable_snat": false }, "name": "router", "admin_state_up": true, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "routes": [], "id": "b147a74b-39bb-4c7a-aed5-19cac4c2df13", } ]}
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 233
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 234
16.3 Querying a Router
FunctionThis interface is used to query details about a router.
API FormatMethod URI Description
GET /v2.0/routers/{router_id} Queries details about aspecific router accessible tothe tenant submitting therequest.
RestrictionsN/A
Request ParameterNone
Response ParameterParameter Type Mandatory Description
router Dict Yes Specifies the router list. For details,see Table 16-1.
Example RequestGET /v2.0/routers/b147a74b-39bb-4c7a-aed5-19cac4c2df13
Example Response{ "router": { "status": "ACTIVE", "external_gateway_info": { "network_id": "9daeac7c-a98f-430f-8e38-67f9c044e299","enable_snat": false }, "name": "router", "admin_state_up": true, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "routes": [], "id": "b147a74b-39bb-4c7a-aed5-19cac4c2df13", "distributed": false, "ha": false }}
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 235
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 236
16.4 Creating a Router
FunctionThis interface is used to create a router.
API FormatMethod URI Description
POST /v2.0/routers Creates a router.
RestrictionsN/A
Request ParameterParameter Type Mandatory Description
router Dict Yes Specifies the router list. For details,see Table 16-1. This parameter hasno mandatory fields.
Response ParameterParameter Type Mandatory Description
router Dict Yes Specifies a router. For details, see therouter object table.
Example RequestPOST /v2.0/routers{ "router": { "name": "router2", "admin_state_up": true, "external_gateway_info": { "network_id": "9daeac7c-a98f-430f-8e38-67f9c044e299" } }}
Example Response{ "router": { "status": "ACTIVE",
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 237
"external_gateway_info": { "network_id": "9daeac7c-a98f-430f-8e38-67f9c044e299", "enable_snat": false } "name": "router2", "admin_state_up": true, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "id": "76e48ca6-7d2d-45a6-947b-e48969a6035b", "distributed": false, "ha": false }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 238
Returned Value Description
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
16.5 Updating a Router
Function
This interface is used to update a router.
API Format
Method URI Description
PUT /v2.0/routers/{router_id} Updates router information.
Restrictions
N/A
Request Parameter
Parameter Type Mandatory Description
router Dict Yes Specifies the router list. For details, seeTable 16-1.This parameter has no mandatory fields.You must specify at least one attribute whenupdating the router.
Response Parameter
Parameter Type Mandatory Description
router Dict Yes Specifies the router list. For details, see Table16-1.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 239
Example RequestPUT/v2.0/routers{ "router": { "name": "router3" }}
Example Response{ "router": { "status": "ACTIVE", "external_gateway_info": { "network_id": "9daeac7c-a98f-430f-8e38-67f9c044e299","enable_snat": false }, "name": "router3", "admin_state_up": true, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "id": "7b45d3c6-22a8-4cfc-ad17-56b8d5323eef" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 240
Returned Value Description
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
16.6 Deleting a Router
FunctionThis interface is used to delete a router.
API FormatMethod URI Description
DELETE /v2.0/routers/{router_id} Deletes a specified router.
RestrictionsN/A
Request ParameterNone
Response ParameterNone
Example RequestDELETE /v2.0/routers/0735a367-2caf-48fb-85aa-6082266f342e
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 241
Example Response
None
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 242
Returned Value Description
504 Gateway Timeout A gateway timeout error occurred.
16.7 Adding an Interface to a Router
Function
This interface is used to add an interface to a router.
API Format
Method URI Description
PUT /v2.0/routers/{router_id}/add_router_interface
Adds an interface to arouter.
Restrictionsl When a port is used, the port can have only one IP address.
l When a subnet is used, the gateway IP address must be configured for the subnet.
l A router cannot be added for networks whose provider:network_type is geneve.
Request Parameter
Parameter Type Mandatory Description
subnet_id uuid-str No Specifies the subnet ID. Either subnet_id orport_id is used.Use the gateway IP address of the subnet tocreate a router interface.
port_id uuid-str No Specifies the port ID. Either subnet_id orport_id is used. Use the port IP address tocreate a router interface.
Response Parameter
Parameter Type Mandatory Description
subnet_id uuid-str Yes Specifies the subnet ID.
tenant_id uuid-str Yes Specifies the tenant ID.
port_id uuid-str Yes Specifies the port ID.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 243
Parameter Type Mandatory Description
id uuid-str Yes Specifies the router ID.
Example RequestPUT /v2.0/routers/5b8e885c-1347-4ac2-baf9-2249c8ed1270/add_router_interface{"subnet_id": "ab78be2d-782f-42a5-aa72-35879f6890ff"}
Example Response{ "subnet_id": "ab78be2d-782f-42a5-aa72-35879f6890ff", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "port_id": "40e86635-b2a3-45de-a7c8-3cced5b7e755", "id": "5b8e885c-1347-4ac2-baf9-2249c8ed1270"}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 244
Returned Value Description
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
16.8 Removing an Interface from a Router
FunctionThis interface is used to remove an interface from a router.
API FormatMethod URI Description
PUT /v2.0/routers/{router_id}/remove_router_interface
Removes an interface from arouter.
RestrictionsYou are not allowed to remove an interface from a router if the subnet contains load balancerobjects.
Request ParameterParameter Type Mandatory Description
subnet_id uuid-str No Specifies the subnet ID. Either subnet_id orport_id is used.Use the gateway IP address of the subnet tocreate a router interface.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 245
Parameter Type Mandatory Description
port_id uuid-str No Specifies the port ID. Either subnet_id orport_id is used. Use the port IP address tocreate a router interface.
Response Parameter
Parameter Type Mandatory Description
subnet_id uuid-str Yes Specifies the subnet ID.
tenant_id uuid-str Yes Specifies the tenant ID.
port_id uuid-str Yes Specifies the port ID.
id uuid-str Yes Specifies the router ID.
Example RequestPUT /v2.0/routers/b625c58c-0cfe-49e0-acc8-f2374f8187ff/remove_router_interface{"subnet_id": "4b910a10-0860-428b-b463-d84dbc5e288e"}
Example Response{ "subnet_id": "4b910a10-0860-428b-b463-d84dbc5e288e", "tenant_id": "3d72597871904daeb6887f75f848b531", "port_id": "34d7d063-8f40-4958-b420-096db40d4067", "id": "b625c58c-0cfe-49e0-acc8-f2374f8187ff"}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 246
Returned Value Description
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 16 Router (Native OpenStack API)
Issue 01 (2017-12-31) 247
17 Floating IP Address (Native OpenStack
API)
17.1 Overview
Object IntroductionManage and perform operations on floating IP addresses, including querying floating IPaddresses, creating floating IP addresses, querying a specified floating IP address, deleting afloating IP address, and updating a floating IP address.
Object Model
Table 17-1 Floating IP address object
Attribute Type CRUD DefaultValue
Constraint Description
status String R DOWN N/A Specifies the networkstatus. The value canbe ACTIVE,DOWN, or ERROR.
id Uuid-str R Automaticallygenerated
N/A Specifies the floatingIP address ID.
floating_ip_address
String(64) CR None N/A Specifies the floatingIP address.
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 248
Attribute Type CRUD DefaultValue
Constraint Description
floating_network_id
Uuid-str CR N/A N/A Specifies the externalnetwork ID.You can only usefixed externalnetwork. You can useGET /v2.0/networks?router:external=True or GET /v2.0/networks?name={floating_network} or run theneutron net-external-listcommand to obtaininformation about theexternal network.
router_id Uuid-str R None N/A Specifies the ID of thebelonged router.
port_id Uuid-str CRU None N/A Specifies the port ID.
fixed_ip_address
String(64) CRU None IP address ornone
Specifies the privateIP address of theassociated port.Content entered byusers will be ignored.
tenant_id String(255)
CR ID of theauthenticatedtenant
N/A Specifies the tenantID. Only theadministrator canspecify the tenant IDof other tenants.
17.2 Querying Floating IP Addresses
FunctionThis interface is used to query floating IP addresses using search criteria and to display thefloating IP addresses in a list.
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 249
API Format
Method URI Description
GET /v2.0/floatingips?id={fip_id}&router_id={router_id}&floating_network_id={net_id }&floating_ip_address={floating_ip }&port_id={port_id }&fixed_ip_address={fixed_ip}&tenant_id={tenant_id}
Queries all floating IPaddresses accessible to thetenant submitting therequest. A maximum of2000 records can bereturned for each queryoperation. If the number ofrecords exceeds 2000, thepagination marker will bereturned. For details, seesection A.4 Pagination.
Restrictions
N/A
Request Parameter
None
Response Parameter
Parameter Type Mandatory Description
floatingips List(floatingip)
Yes Specifies the floating IP address list. Fordetails, see Table 17-1.
Example RequestGET /v2.0/floatingips
Example Response{ "floatingips": [ { "router_id": "21978e24-b96d-43be-8452-5dd731acde96", "status": "DOWN", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "floating_network_id": "0a2228f2-7f8a-45f1-8e09-9039e1d09975", "fixed_ip_address": "10.1.1.2", "floating_ip_address": "192.150.73.5", "port_id": "3cb820b8-82ba-446c-9845-f1ef843d744b", "id": "2dedb5e7-cb70-4e78-b50f-d88c8321d161" } ]}
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 250
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
ErrorResponseCode
Type Possible Cause
400 Bad request The server failed to process the request.
401 Unauthorized You must enter the username and password to access therequested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
409 Conflict The request could not be processed due to a conflict.
500 Internal servererror
Failed to complete the request because of an internalservice error.
503 Serviceunavailable
Failed to complete the request because the service isunavailable.
17.3 Querying a Floating IP Address
FunctionThis interface is used to query details about a floating IP address.
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 251
API Format
Method URI Description
GET /v2.0/floatingips/{floatingip_id} Queries details about aspecific floating IP addressaccessible to the tenantsubmitting the request.
Restrictions
N/A
Request Parameter
None
Response Parameter
Parameter Type Mandatory Description
floatingip Dict Yes Specifies the floating IP address list. Fordetails, see Table 17-1.
Example RequestGET/v2.0/floatingips/2dedb5e7-cb70-4e78-b50f-d88c8321d161
Example Response{ "floatingip": { "router_id": "b147a74b-39bb-4c7a-aed5-19cac4c2df13", "status": "DOWN", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "floating_network_id": "0a2228f2-7f8a-45f1-8e09-9039e1d09975", "fixed_ip_address": "10.1.1.2", "floating_ip_address": "192.150.73.5", "port_id": "3cb820b8-82ba-446c-9845-f1ef843d744b", "id": "2dedb5e7-cb70-4e78-b50f-d88c8321d161" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 252
NormalResponseCode
Type Description
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
ErrorResponseCode
Type Possible Cause
400 Bad request The server failed to process the request.
401 Unauthorized You must enter the username and password to access therequested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
409 Conflict The request could not be processed due to a conflict.
500 Internal servererror
Failed to complete the request because of an internalservice error.
503 Serviceunavailable
Failed to complete the request because the service isunavailable.
17.4 Creating a Floating IP Address
FunctionThis interface is used to create a floating IP address.
API FormatMethod URI Description
POST /v2.0/floatingips Creates a floating IP addressand associates it with aninternal port.
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 253
Restrictions
You can use GET /v2.0/networks?router:external=True or run the neutron net-external-list command to obtain the UUID of the external network required for creating a floating IPaddress.
Request Parameter
Parameter Type Mandatory Description
floatingip Dict Yes Specifies the floating IP address list. Fordetails, see Table 17-1.Mandatory field: floating_network_id
Response Parameter
Parameter Type Mandatory Description
floatingip Dict Yes Specifies the floating IP address list. Fordetails, see Table 17-1.
Example RequestPOST /v2.0/floatingips{ "floatingip": { "floating_network_id": "5ce655fa-c911-4d2c-99f7-445bc1162ef8", "port_id": "552389f5-8f4c-4bb7-9991-07233c315d60" }}
Example Response{ "floatingip": { "router_id": "76c052d6-6a92-444c-b67d-147ee166a480", "status": "DOWN", "tenant_id": "6fd9b5fdb997425f97bc5ba1f0846084", "floating_network_id": "5ce655fa-c911-4d2c-99f7-445bc1162ef8", "fixed_ip_address": "12.14.56.5", "floating_ip_address": "100.64.0.30", "port_id": "552389f5-8f4c-4bb7-9991-07233c315d60", "id": "2567f393-5c76-42db-a397-477723ce41f7" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 254
NormalResponseCode
Type Description
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
ErrorResponseCode
Type Possible Cause
400 Bad request The server failed to process the request.
401 Unauthorized You must enter the username and password to access therequested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
409 Conflict The request could not be processed due to a conflict.
500 Internal servererror
Failed to complete the request because of an internalservice error.
503 Serviceunavailable
Failed to complete the request because the service isunavailable.
17.5 Updating a Floating IP Address
FunctionThis interface is used to update a floating IP address.
API FormatMethod URI Description
PUT /v2.0/floatingips/{floatingip_id} Updates a specific floatingIP address and the portassociated with the address.
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 255
Restrictions
When you bind a floating IP address, if the floating IP address is in the error state, tryunbinding the address first.
You are not allowed to bind a floating IP address that has been bound to a port to another port.You must first unbind the IP address from its original port and bind it to the required port.
Request ParameterParameter Type Mandatory Description
floatingip Dict Yes Specifies the floating IP address list. Fordetails, see Table 17-1. Parametersfloatingip and port_id are mandatoryfields.
Response ParameterParameter Type Mandatory Description
floatingip Dict Yes Specifies the floating IP address list. Fordetails, see Table 17-1.
Example Request 1PUT /v2.0/floatingips/b639c937-4737-4107-8978-fecc7327a5ae{ "floatingip": { "port_id": "21b5c483-84e9-40a1-86b3-3041606106f5", "fixed_ip_address": "10.0.2.2" }}
Example Response 1{ "floatingip": { "router_id": "76c052d6-6a92-444c-b67d-147ee166a480", "status": "ACTIVE", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "floating_network_id": "0a2228f2-7f8a-45f1-8e09-9039e1d09975", "fixed_ip_address": "10.0.2.2", "floating_ip_address": "192.150.73.19", "port_id": "21b5c483-84e9-40a1-86b3-3041606106f5", "id": "b639c937-4737-4107-8978-fecc7327a5ae" }}
Example Request 2PUT /v2.0/floatingips/3870858f-91dc-489f-92a1-c04dbdc6d781{ "floatingip": { "port_id": null
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 256
}}
Example Response 2{ "floatingip": { "floating_network_id": "809fdbbc-2e3e-426e-897c-cb632b081a72", "router_id": null, "fixed_ip_address": null, "floating_ip_address": "192.168.0.3", "tenant_id": "3c8c36e1520147ccbc83d2ccfbb9ab24", "status": "ACTIVE", "port_id": null, "id": "3870858f-91dc-489f-92a1-c04dbdc6d781" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
ErrorResponseCode
Type Possible Cause
400 Bad request The server failed to process the request.
401 Unauthorized You must enter the username and password to access therequested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
409 Conflict The request could not be processed due to a conflict.
500 Internal servererror
Failed to complete the request because of an internalservice error.
503 Serviceunavailable
Failed to complete the request because the service isunavailable.
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 257
17.6 Deleting a Floating IP Address
Function
This interface is used to delete a floating IP address.
API Format
Method URI Description
DELETE /v2.0/floatingips/{floatingip_id} Deletes a specific floating IPaddress.
Restrictions
None
Request Parameter
None
Response Parameter
None
Example RequestDELETE/v2.0/floatingips/a95ec431-8473-463b-aede-34fb048ee3a7
Example Response
None
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 258
ErrorResponseCode
Type Possible Cause
400 Bad request The server failed to process the request.
401 Unauthorized You must enter the username and password to access therequested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
409 Conflict The request could not be processed due to a conflict.
500 Internal servererror
Failed to complete the request because of an internalservice error.
503 Serviceunavailable
Failed to complete the request because the service isunavailable.
Virtual Private CloudAPI Reference 17 Floating IP Address (Native OpenStack API)
Issue 01 (2017-12-31) 259
18 Network ACL (Native OpenStack API)
18.1 Overview
Object Introduction
Use FWaaS API 2.0 to manage and perform other operations on the network ACL objectmodels. The operations include querying, creating, updating, and deleting firewall rules,querying, creating, updating, and deleting firewall policies, as well as querying, creating,updating, and deleting firewall groups.
Object Model
Table 18-1 Firewall Rule object
Attribute Type CRUD DefaultValue
Constraint Description
id Uuid-str R None N/A Specifies the UUIDof the network ACLrule.
name String(255)
CRU None The value cancontain amaximum of255 characters.
Specifies thenetwork ACL rulename.
description String(255)
CRU None The value cancontain amaximum of255 characters.
Providessupplementaryinformation aboutthe network ACLrule.
tenant_id Uuid-str CR None N/A Specifies the ownerof the network ACLrule.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 260
Attribute Type CRUD DefaultValue
Constraint Description
public Bool CRU false The value canonly be true orfalse.
Specifies whetherthe firewall rule canbe shared bydifferent tenants.This attribute is foradministrators only.Tenants cannotconfigure or updatethis attribute andcan only query it.
protocol String CRU None The value canbe TCP, UDP,ICMP, or avalue rangingfrom 0 to 255.
Specifies thesupported InternetProtocol (IP)protocol.
source_port String CRU None The value canbe an integerfrom 1 to65,535 or aport numberrange in theformat of a:b.
Specifies the sourceport number or portnumber range.
destination_port
String CRU None The value canbe an integerfrom 1 to65,535 or aport numberrange in theformat of a:b.
Specifies thedestination portnumber or portnumber range.
ip_version Integer CRU 4 IPv4/IPv6 Specifies the IPprotocol version.
source_ip_address
String CRU None N/A Specifies the sourceIP address or CIDRblock.
destination_ip_address
String CRU None N/A Specifies thedestination IPaddress or CIDRblock.
action String CRU DENY DENY/ALLOW/REJECT
Specifies actionsperformed onforwarded networkACL traffic.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 261
Attribute Type CRUD DefaultValue
Constraint Description
enabled Bool CRU true true/false Specifies whetherthe network ACLrule is enabled.
Table 18-2 Firewall Policy object
Attribute Type CRUD DefaultValue
Constraint Description
id Uuid-str R None N/A Specifies theUUID of thenetwork ACLpolicy.
name String CRU None The value cancontain amaximum of 255characters.
Specifies the nameof the networkACL policy.
description String CRU None The value cancontain amaximum of 255characters.
Providessupplementaryinformation aboutthe network ACLpolicy.
tenant_id Uuid-str CR None N/A Specifies theowner of thenetwork ACLpolicy.
firewall_rules
List CRU None N/A Specifies thefirewall rulesreferenced by thenetwork ACLpolicy.
audited Bool CRU false true/false Specifies the auditflag.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 262
Attribute Type CRUD DefaultValue
Constraint Description
public Bool CRU false The value can onlybe true or false.
Specifies whetherthe firewall policycan be shared bydifferent tenants.This attribute is foradministratorsonly. Tenantscannot configureor update thisattribute and canonly query it.
Table 18-3 Firewall Group object
Attribute Type CRUD DefaultValue
Constraint Description
id Uuid-str R None N/A Specifies theUUID of thenetwork ACLgroup.
name String CRU None The value cancontain amaximum of 255characters.
Specifies thename of thenetwork ACLgroup.
description String CRU None The value cancontain amaximum of 255characters.
Providessupplementaryinformationabout thenetwork ACLgroup.
tenant_id Uuid-str CR None N/A Specifies theowner of thenetwork ACLgroup.
ingress_firewall_policy_id
Uuid-str CRU None N/A Specifies thenetwork ACLpolicy forinbound traffic.
egress_firewall_policy_id
Uuid-str CRU None N/A Specifies thenetwork ACLpolicy foroutbound traffic.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 263
Attribute Type CRUD DefaultValue
Constraint Description
ports List CRU None The value must bethe port ID of thedistributed router.
Specifies the listof ports boundwith the networkACL group.
public Bool CRU false The value canonly be true orfalse.
Specifieswhether thefirewall groupcan be shared bydifferent tenants.This attribute isforadministratorsonly. Tenantscannot configureor update thisattribute and canonly query it.
status String R None The value canonly be one of thefollowing:ACTIVE,CREATE,INACTIVE,PENDING_CREATE,PENDING_UPDATE,PENDING_DELETE, and ERROR
Specifies thestatus of thenetwork ACLpolicy.
admin_state_up
Bool CRU true true/false Specifieswhether thenetwork ACL iscontrolled by theadministrator.
18.2 Querying Network ACL Rules
FunctionThis interface is used to query all network ACL rules.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 264
API FormatMethod URI Description
GET /v2.0/fwaas/firewall_rules Queries all network ACLrules accessible to the tenantsubmitting the request.
RestrictionsN/A
Request ParameterNone
Response ParameterParameter Type Mandatory Description
firewall_rules List(firewall rule)
Yes Specifies the firewall rule list. For details,see Table 18-1. A maximum of 2000records can be returned for each queryoperation. If the number of recordsexceeds 2000, the pagination marker willbe returned. For details, see section A.4Pagination.
Example RequestGET/v2.0/fwaas/firewall_rules
Example Response{ "firewall_rules": [ { "protocol": "tcp", "name": "crhfwruleupdate", "mode": "normal", "tenant_id": "f480f5d250824e5fafedcf05acf1419c", "rule_profile": "", "enabled": true, "source_port": null, "source_ip_address": null, "destination_ip_address": null, "firewall_policy_id": "b4f81251-c47a-4fe1-8579-6f9271d015d1", "action": "deny", "position": 1, "ip_version": 4, "shared": false, "destination_port": null, "id": "2a193015-4a88-4aa1-84ad-d4955adae707", "description": "" }, {
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 265
"protocol": "tcp", "name": "update_firewall-role-tommy", "mode": "mix", "tenant_id": "a1c6f90c94334bd2953d9a61b8031a68", "rule_profile": "", "enabled": false, "source_port": "20:50", "source_ip_address": null, "destination_ip_address": null, "firewall_policy_id": null, "action": "deny", "position": null, "ip_version": 4, "shared": true, "destination_port": "40:60", "id": "db7a204c-9eb1-40a2-9bd6-ed5cfd3cff32", "description": "update check parameter" } ]}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 266
Returned Value Description
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.3 Querying a Network ACL Rule
Function
This interface is used to query details about a specific network ACL rule.
API Format
Method URI Description
GET /v2.0/fwaas/firewall_rules/{firewall_rule_id} Queries details about anetwork ACL rule specifiedby the tenant submitting therequest.
Restrictions
N/A
Request Parameter
None
Response Parameter
Parameter Type Mandatory Description
firewall_rule Dict Yes Specifies the firewall rule. For details, seeTable 18-1.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 267
Example RequestGET/v2.0/fwaas/firewall_rules/514e6776-162a-4b5d-ab8b-aa36b86655ef
Example Response{ "firewall_rule": { "protocol": "tcp", "name": "bobby_rule", "mode": "normal", "tenant_id": "4490a89232ce46d4ae4bfb227ef1a40a", "rule_profile": "", "enabled": true, "source_port": null, "source_ip_address": null, "destination_ip_address": null, "firewall_policy_id": null, "action": "allow", "position": null, "ip_version": 4, "shared": false, "destination_port": null, "id": "514e6776-162a-4b5d-ab8b-aa36b86655ef", "description": "" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 268
Returned Value Description
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.4 Creating a Network ACL Rule
Function
This interface is used to create a network ACL rule.
API Format
Method URI Description
POST /v2.0/fwaas/firewall_rules Creates a network ACL rule.
Restrictions
N/A
Request Parameter
Parameter Type Mandatory Description
firewall_rule Dict Yes Specifies the firewall rule. Fordetails, see Table 18-1.Mandatory field: none
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 269
Response Parameter
Parameter Type Mandatory Description
firewall_rule Dict Yes Specifies the firewall rule. Fordetails, see Table 18-1.
Example RequestPOST /v2.0/fwaas/firewall_rules{ "firewall_rule": { "action": "allow", "enabled": true, "destination_port": "80", "protocol": "tcp", "name": "ALLOW_HTTP" }}
Example Response{ "firewall_rule": { "protocol": "tcp", "description": "", "source_ip_address": null, "destination_ip_address": null, "source_port": null, "destination_port": "80", "id": "b94acf06-efc2-485d-ba67-a61acf2a7e28", "name": "ALLOW_HTTP", "tenant_id": "23c8a121505047b6869edf39f3062712", "enabled": true, "action": "allow", "ip_version": 4, "public": false }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 270
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.5 Updating a Network ACL Rule
Function
This interface is used to update a network ACL rule.
API Format
Method URI Description
PUT /v2.0/fwaas/firewall_rules/{firewall_rule_id} Updates a network ACLrule.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 271
RestrictionsN/A
Request ParameterParameter Type Mandatory Description
firewall_rule Dict Yes Specifies the firewall rule. Fordetails, see Table 18-1.Mandatory field: none
Response ParameterParameter Type Mandatory Description
firewall_rule Dict Yes Specifies the firewall rule. Fordetails, see Table 18-1.
Example RequestPUT /v2.0/fwaas/firewall_rules/b94acf06-efc2-485d-ba67-a61acf2a7e28{ "firewall_rule": { "action": "reject" }}
Example Response{ "firewall_rule": { "protocol": "tcp", "description": "", "source_ip_address": null, "destination_ip_address": null, "source_port": null, "destination_port": "80", "id": "b94acf06-efc2-485d-ba67-a61acf2a7e28", "name": "ALLOW_HTTP", "tenant_id": "23c8a121505047b6869edf39f3062712", "enabled": true, "action": "reject", "ip_version": 4, "public": false }}
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 272
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 273
18.6 Deleting a Network ACL Rule
Function
This interface is used to delete a network ACL rule.
API Format
Method URI Description
DELETE /v2.0/fwaas/firewall_rules/{firewall_rule_id}
Deletes a network ACL rule.
Restrictions
N/A
Request Parameter
None
Response Parameter
None
Example Request
DELETE /v2.0/fwaas/firewall_rules/b94acf06-efc2-485d-ba67-a61acf2a7e28
Example Response
None
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 274
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.7 Querying Network ACL Policies
FunctionThis interface is used to query all network ACL policies.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 275
API FormatMethod URI Description
GET /v2.0/fwaas/firewall_policies Queries all network ACLpolicies accessible to thetenant submitting therequest. A maximum of2000 records can bereturned for each queryoperation. If the number ofrecords exceeds 2000, thepagination marker will bereturned. For details, seesection A.4 Pagination.
RestrictionsN/A
Request ParameterNone
Response ParameterParameter Type Mandatory Description
firewall_policies List(firewall policy)
Yes Specifies the firewall policy list. Fordetails, see Table 18-2.
Example RequestGET/v2.0/fwaas/firewall_policies
Example Response{ "firewall_policies": [ { "description": "", "firewall_rules": [ "6c6803e0-ca8c-4aa9-afb3-4f89275b6c32" ], "tenant_id": "23c8a121505047b6869edf39f3062712", "public": false, "id": "6b70e321-0c21-4b83-bb8a-a886d1414a5f", "audited": false, "name": "fwp1" }, { "description": "", "firewall_rules": [ "6c6803e0-ca8c-4aa9-afb3-4f89275b6c32" ],
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 276
"tenant_id": "23c8a121505047b6869edf39f3062712", "public": false, "id": "fce92002-5a15-465d-aaca-9b44453bb738", "audited": false, "name": "fwp2" } ]}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 277
Returned Value Description
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.8 Querying a Network ACL Policy
Function
This interface is used to query details about a specific network ACL policy.
API Format
Method URI Description
GET /v2.0/fwaas/firewall_policies/{firewall_policy_id}
Queries details about anetwork ACL policyspecified by the tenantsubmitting the request.
Restrictions
N/A
Request Parameter
None
Response Parameter
Parameter Type Mandatory Description
firewall_policy Dict Yes Specifies the firewall policy list. Fordetails, see Table 18-2.
Example Request
GET/v2.0/fwaas/firewall_policies/fed2d88f-d0e7-4cc5-bd7e-c495f67037b6
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 278
Example Response{ "firewall_policy": { "description": "", "firewall_rules": [ "3c0e6267-73df-4d9a-87a6-e226f2db2036" ], "tenant_id": "23c8a121505047b6869edf39f3062712", "public": false, "id": "fed2d88f-d0e7-4cc5-bd7e-c495f67037b6", "audited": false, "name": "bobby_fwp1" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 279
Returned Value Description
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.9 Creating a Network ACL Policy
FunctionThis interface is used to create a network ACL policy.
API FormatMethod URI Description
POST /v2.0/fwaas/firewall_policies Creates a network ACLpolicy.
RestrictionsN/A
Request ParameterParameter Type Mandatory Description
firewall_policy Dict Yes Specifies the firewall policy list. Fordetails, see Table 18-2.Mandatory field: none
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 280
Response ParameterParameter Type Mandatory Description
firewall_policy Dict Yes Specifies the firewall policy list. Fordetails, see Table 18-2.
Example RequestPOST /v2.0/fwaas/firewall_policies{ "firewall_policy": { "name": "test-policy", "firewall_rules": [ "b8243448-cb3c-496e-851c-dadade4c161b" ] }}
Example Response{ "firewall_policy": { "description": "", "firewall_rules": [ "b8243448-cb3c-496e-851c-dadade4c161b" ], "tenant_id": "23c8a121505047b6869edf39f3062712", "public": false, "id": "2fb0e81f-9f63-44b2-9894-c13a3284594a", "audited": false, "name": "test-policy" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 281
Returned Value Description
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.10 Updating a Network ACL Policy
FunctionThis interface is used to update a network ACL policy.
API FormatMethod URI Description
PUT /v2.0/fwaas/firewall_policies/{firewall_policy_id}
Updates a network ACLpolicy.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 282
Restrictions
N/A
Request Parameter
Parameter Type Mandatory Description
firewall_policy Dict Yes Specifies the firewall policy list. Fordetails, see Table 18-2.Mandatory field: none
Response Parameter
Parameter Type Mandatory Description
firewall_policy Dict Yes Specifies the firewall policy list. Fordetails, see Table 18-2.
Example RequestPUT /v2.0/fwaas/firewall_policies/2fb0e81f-9f63-44b2-9894-c13a3284594a { "firewall_policy": { "firewall_rules": [ "0f82b221-8cd6-44bd-9dfc-0e118fa7b6b1" ] }}
Example Response{ "firewall_policy": { "description": "", "firewall_rules": [ "0f82b221-8cd6-44bd-9dfc-0e118fa7b6b1" ], "tenant_id": "23c8a121505047b6869edf39f3062712", "public": false, "id": "2fb0e81f-9f63-44b2-9894-c13a3284594a", "audited": false, "name": "test-policy" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 283
NormalResponseCode
Type Description
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 284
18.11 Deleting a Network ACL Policy
Function
This interface is used to delete a network ACL policy.
API Format
Method URI Description
DELETE /v2.0/fwaas/firewall_policies/{firewall_policy_id}
Deletes a network ACLpolicy.
Restrictions
N/A
Request Parameter
None
Response Parameter
None
Example Request
DELETE /v2.0/fwaas/firewall_policies/2fb0e81f-9f63-44b2-9894-c13a3284594a
Example Response
None
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 285
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.12 Inserting a Network ACL Rule
FunctionThis interface is used to insert a network ACL rule in a network ACL policy.
API FormatMethod URI Description
PUT /v2.0/fwaas/firewall_policies/{firewall_policy_id}/insert_rule
Inserts a network ACL rulein a specific network ACLpolicy.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 286
RestrictionsN/A
Request ParameterParameter Type Mandatory Description
firewall_policy_id String Yes firewall policy ID
firewall_rule_id String Yes firewall rule ID
insert_after String No The insert_after parameter indicatesthe firewall rule that has already beenassociated with the firewall policy. Anew firewall rule will be insertedafter the firewall rule associated withthe firewall policy.If both the insert_after andinsert_before parameters arespecified, the insert_after parameterwill be ignored.
insert_before String No The insert_before parameterindicates the firewall rule that hasalready been associated with thefirewall policy. A new firewall rulewill be inserted before the firewallrule associated with the firewallpolicy.If both the insert_after andinsert_before parameters arespecified, the insert_after parameterwill be ignored.
Response ParameterParameter Type Mandatory Description
description String Yes Provides supplementary informationabout the firewall policy.
audited Boolean Yes Each time the firewall policy or theassociated firewall rules are changed,this attribute will be set to False.
firewall_rules List Yes Specifies the ID list of the firewallrules associated with the currentfirewall policy.
id String Yes Specifies the firewall policy ID.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 287
Parameter Type Mandatory Description
name String Yes Specifies the firewall policy name.
public Boolean Yes If this attribute is set to True, thenetwork ACL policy is visible totenants other than its owner. Thenetwork ACL policy is not visible toother tenants by default.
tenant_id String Yes Specifies the ID of the current tenant.
Example RequestPUT /v2.0/fwaas/firewall_policies/afc52ce9-5305-4ec9-9feb-44feb8330341/insert_rule { "insert_after": "b8243448-cb3c-496e-851c-dadade4c161b", "firewall_rule_id": "0f82b221-8cd6-44bd-9dfc-0e118fa7b6b1", "insert_before": ""}
Example Response{ "description": "", "firewall_rules": [ "b8243448-cb3c-496e-851c-dadade4c161b", "0f82b221-8cd6-44bd-9dfc-0e118fa7b6b1" ], "tenant_id": "23c8a121505047b6869edf39f3062712", "public": false, "id": "afc52ce9-5305-4ec9-9feb-44feb8330341", "audited": false, "name": "test-policy"}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 288
Returned Value Description
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.13 Removing a Network ACL Rule from a NetworkACL Policy
Function
This interface is used to remove a network ACL rule from a network ACL policy.
API Format
Method URI Description
PUT /v2.0/fwaas/firewall_policies/{firewall_policy_id}/remove_rule
Removes a network ACLrule from a specific networkACL policy.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 289
RestrictionsN/A
Request ParameterParameter Type Mandatory Description
firewall_rule_id String Yes firewall rule ID
Response ParameterParameter Type Mandatory Description
description String Yes Provides supplementary informationabout the firewall policy.
audited Boolean Yes Each time the firewall policy or theassociated firewall rules are changed,this attribute will be set to False.
firewall_rules List Yes Specifies the ID list of the firewallrules associated with the currentfirewall policy.
id String Yes Specifies the firewall policy ID.
name String Yes Specifies the firewall policy name.
public Boolean Yes If this attribute is set to True, thenetwork ACL policy is visible totenants other than its owner. Thenetwork ACL policy is not visible toother tenants by default.
tenant_id String Yes Specifies the ID of the current tenant.
Example RequestPUT /v2.0/fwaas/firewall_policies/afc52ce9-5305-4ec9-9feb-44feb8330341/remove_rule {"firewall_rule_id": "0f82b221-8cd6-44bd-9dfc-0e118fa7b6b1"}
Example Response{ "description": "", "firewall_rules": [ "b8243448-cb3c-496e-851c-dadade4c161b" ], "tenant_id": "23c8a121505047b6869edf39f3062712", "public": false, "id": "afc52ce9-5305-4ec9-9feb-44feb8330341", "audited": false,
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 290
"name": "test-policy"}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 291
Returned Value Description
504 Gateway Timeout A gateway timeout error occurred.
18.14 Querying Network ACL Groups
Function
This interface is used to query all network ACL groups.
API Format
Method URI Description
GET /v2.0/fwaas/firewall_groups Queries all network ACLgroups accessible to thetenant submitting therequest. A maximum of2000 records can bereturned for each queryoperation. If the number ofrecords exceeds 2000, thepagination marker will bereturned. For details, seesection A.4 Pagination.
Restrictions
N/A
Request Parameter
None
Response Parameter
Parameter Type Mandatory Description
firewall_groups List(firewallgroup)
Yes Specifies the firewall group list. Fordetails, see Table 18-3.
Example RequestGET/v2.0/fwaas/firewall_groups
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 292
Example Response{ "firewall_groups": [ { "status": "INACTIVE", "public": false, "egress_firewall_policy_id": null, "name": "", "admin_state_up": true, "ports": [ ], "tenant_id": "23c8a121505047b6869edf39f3062712", "id": "cd600d47-0045-483f-87a1-5041ae2f513b", "ingress_firewall_policy_id": null, "description": "" }, { "status": "INACTIVE", "public": false, "egress_firewall_policy_id": "d939df29-fe76-4089-90c3-3778e4d53141", "name": "fwg-1475475043", "admin_state_up": true, "ports": [ ], "tenant_id": "0af57070695044ea9a70f04779e6aa1f", "id": "ca971b45-70ce-4879-9734-b6cac1d00845", "ingress_firewall_policy_id": "d939df29-fe76-4089-90c3-3778e4d53141", "description": "" } ]}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 293
Returned Value Description
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.15 Querying a Network ACL Group
Function
This interface is used to query details about a specific network ACL group.
API FormatMethod URI Description
GET /v2.0/fwaas/firewall_groups/{firewall_group_id}
Queries details about anetwork ACL groupspecified by the tenantsubmitting the request.
Restrictions
N/A
Request Parameter
None
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 294
Response Parameter
Parameter Type Mandatory Description
firewall_group Dict Yes Specifies the firewall group list. Fordetails, see Table 18-3.
Example RequestGET/v2.0/fwaas/firewall_groups/ a504a4cf-9300-40e0-b2d4-649bd157c55a
Example Response{ "firewall_group": { "status": "ACTIVE", "public": false, "egress_firewall_policy_id": null, "name": "bobby_fwg1", "admin_state_up": true, "ports": [ "16e6d779-15e9-48fb-abc5-b86457792a15" ], "tenant_id": "23c8a121505047b6869edf39f3062712", "id": "a504a4cf-9300-40e0-b2d4-649bd157c55a", "ingress_firewall_policy_id": "fed2d88f-d0e7-4cc5-bd7e-c495f67037b6", "description": "test" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 295
Returned Value Description
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.16 Creating a Network ACL Group
FunctionThis interface is used to create a network ACL group.
API FormatMethod URI Description
POST /v2.0/fwaas/firewall_groups Creates a network ACLgroup.
RestrictionsN/A
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 296
Request Parameter
Parameter Type Mandatory Description
firewall_group Dict Yes Specifies the firewall group list. Fordetails, see Table 18-3.Mandatory field: none
Response Parameter
Parameter Type Mandatory Description
firewall_group Dict Yes Specifies the firewall group list. Fordetails, see Table 18-3.
Example RequestPOST /v2.0/fwaas/firewall_groups{ "firewall_group": { "ingress_firewall_policy_id": "afc52ce9-5305-4ec9-9feb-44feb8330341", "ports": [ "c133f2bf-6937-4416-bb17-012e1be5cd2d" ] }}
Example Response{ "firewall_group": { "status": "PENDING_CREATE", "public": false, "egress_firewall_policy_id": null, "name": "", "admin_state_up": true, "ports": [ "c133f2bf-6937-4416-bb17-012e1be5cd2d" ], "tenant_id": "23c8a121505047b6869edf39f3062712", "id": "0415f554-26ed-44e7-a881-bdf4e6216e38", "ingress_firewall_policy_id": "afc52ce9-5305-4ec9-9feb-44feb8330341", "description": "" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 297
NormalResponseCode
Type Description
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 298
18.17 Updating a Network ACL Group
Function
This interface is used to update a network ACL group.
API FormatMethod URI Description
PUT /v2.0/fwaas/firewall_groups/{firewall_group_id}
Updates a network ACLgroup.
Restrictions
N/A
Request ParameterParameter Type Mandatory Description
firewall_group Dict Yes Specifies the firewall group list. Fordetails, see Table 18-3.Mandatory field: none
Response ParameterParameter Type Mandatory Description
firewall_group Dict Yes Specifies the firewall group list. Fordetails, see Table 18-3.
Example RequestPUT /v2.0/fwaas/firewall_groups/2fb0e81f-9f63-44b2-9894-c13a3284594a { "firewall_group": { "egress_firewall_policy_id": "53f36c32-db25-4856-a0ba-e605fd88c5e9" }}
Example Response{ "firewall_group": { "status": "PENDING_UPDATE", "public": false, "egress_firewall_policy_id": "53f36c32-db25-4856-a0ba-e605fd88c5e9",
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 299
"name": "", "admin_state_up": true, "ports": [ "c133f2bf-6937-4416-bb17-012e1be5cd2d" ], "tenant_id": "23c8a121505047b6869edf39f3062712", "id": "0415f554-26ed-44e7-a881-bdf4e6216e38", "ingress_firewall_policy_id": "afc52ce9-5305-4ec9-9feb-44feb8330341", "description": "" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 300
Returned Value Description
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
18.18 Deleting a Network ACL Group
FunctionThis interface is used to delete a network ACL group.
API FormatMethod URI Description
DELETE /v2.0/fwaas/firewall_groups/{firewall_group_id}
Deletes a network ACLgroup.
RestrictionsN/A
Request ParameterNone
Response ParameterNone
Example RequestDELETE /v2.0/fwaas/firewall_groups/0415f554-26ed-44e7-a881-bdf4e6216e38
Example ResponseNone
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 301
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 18 Network ACL (Native OpenStack API)
Issue 01 (2017-12-31) 302
19 Security Group (Native OpenStack API)
19.1 Overview
Object Introduction
Manage and perform operations on security groups and security group rules, includingquerying security groups and security group rules, creating a security group and securitygroup rule, querying a security group and security group rule, deleting a security group andsecurity group rule, and updating security groups.
Object Model
Table 19-1 Security Group object
Attribute Type CRUD DefaultValue
Constraint Description
id Uuid-str R None N/A Specifies thesecurity group ID.
tenant_id String(255)
CR None N/A Specifies the tenantID. Only theadministrator canspecify the tenant IDof other tenants.
name String(255)
CRU None The value ofthisparametercannot bedefaultwhen youcreate orupdate asecuritygroup.
Specifies thesecurity groupname.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 304
Attribute Type CRUD DefaultValue
Constraint Description
description String(255)
CRU None N/A Providessupplementaryinformation aboutthe security group.
security_group_rules
List(security_group_rule)
R None N/A Specifies thesecurity group rulelist. For details, seeTable 19-2.
Table 19-2 Security Group Rule object
Attribute Type CRUD DefaultValue
Constraint Description
id Uuid-str R None N/A Specifies the securitygroup rule ID.
description String(255)
CRU None N/A Providessupplementaryinformation about thesecurity group rule.
security_group_id
Uuid-str CR None N/A Specifies the ID ofthe belonged securitygroup.
remote_group_id
Uuid-str CR None Eitherremote_group_id orremote_ip_prefix is used.
Specifies the peer IDof the belongedsecurity group.
direction String CR None ingress/egress Specifies thedirection of thetraffic for which thesecurity group ruletakes effect.
remote_ip_prefix
String(255)
CR None The valuemust be inCIDR format.Eitherremote_group_id orremote_ip_prefix is used.
Specifies the peer IPaddress segment.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 305
Attribute Type CRUD DefaultValue
Constraint Description
protocol String CR None The valuemust be tcp,udp, icmp, oran IP protocolnumber.
Specifies the protocoltype or the IPprotocol number.
port_range_max
Int CR None The valueranges from 1to 65,535.(The valueranges from 0to 255 when itindicates thecode.)
Specifies themaximum portnumber. When ICMPis used, the value isthe ICMP code.
port_range_min
Int CR None The valueranges from 1to 65,535.(The valueranges from 0to 255 when itindicates thetype.)
Specifies theminimum portnumber. If the ICMPprotocol is used, thisparameter indicatesthe ICMP type.When the TCP orUDP protocol isused, bothport_range_maxand port_range_minmust be specified,and theport_range_maxvalue must be greaterthan theport_range_minvalue.When the ICMPprotocol is used, ifyou specify theICMP code(port_range_max),you must also specifythe ICMP type(port_range_min).
ethertype String CR IPv4 IPv4/IPv6 Specifies the networktype.Only IPv4 issupported.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 306
Attribute Type CRUD DefaultValue
Constraint Description
tenant_id String(255)
CR None N/A Specifies the tenantID. Only theadministrator canspecify the tenant IDof other tenants.
19.2 Querying Security Groups
Function
This interface is used to query security groups.
API Format
Method URI Description
GET /v2.0/security-groups?name={ name }&description={ description }&tenant_id ={tenant_id}
Queries all security groupsaccessible to the tenantsubmitting the request. Amaximum of 2000 recordscan be returned for eachquery operation. If thenumber of records exceeds2000, the pagination markerwill be returned. For details,see section A.4 Pagination.
Restrictions
N/A
Request Parameter
None
Response Parameter
Parameter Type Mandatory Description
security_groups List(security_group)
Yes Specifies the security group list. Fordetails, see Table 19-1.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 307
Example RequestGET /v2.0/security-groups
Example Response{ "security_groups": [ { "tenant_id": "84b25ac10ed642cca484aa55c098e3aa", "name": "default", "description": "Default security group", "security_group_rules": [ { "remote_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967", "direction": "ingress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv6", "tenant_id": "84b25ac10ed642cca484aa55c098e3aa", "port_range_max": null, "port_range_min": null, "id": "07adc044-3f21-4eeb-bd57-5e5eb6024b7f", "description": null, "security_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967" }, { "remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv6", "tenant_id": "84b25ac10ed642cca484aa55c098e3aa", "port_range_max": null, "port_range_min": null, "id": "47e05c14-1aa2-4355-aaf8-b57e18f98c9a", "description": null, "security_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967" }, { "remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv4", "tenant_id": "84b25ac10ed642cca484aa55c098e3aa", "port_range_max": null, "port_range_min": null, "id": "8a8a238b-fdb1-4321-b667-26205c7f37d1", "description": null, "security_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967" }, { "remote_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967", "direction": "ingress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv4", "tenant_id": "84b25ac10ed642cca484aa55c098e3aa", "port_range_max": null, "port_range_min": null, "id": "b5874440-84a0-4382-8e37-3f012b90b71e", "description": null, "security_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967" } ], "id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967" }
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 308
]}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 309
Returned Value Description
504 Gateway Timeout A gateway timeout error occurred.
19.3 Querying a Security Group
FunctionThis interface is used to query details about a specific security group.
API FormatMethod URI Description
GET /v2.0/security-groups/{security_group_id} Queries details about thespecified security group.
RestrictionsN/A
Request ParameterNone
Response ParameterParameter Type Mandatory Description
security_group Dict Yes Specifies the security group list. Fordetails, see Table 19-1.
Example RequestGET /v2.0/security-groups/1d8b19c7-7c56-48f7-a99b-4b40eb390967
Example Response{ "security_group": { "tenant_id": "84b25ac10ed642cca484aa55c098e3aa", "name": "default", "description": "Default security group", "security_group_rules": [ { "remote_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967", "direction": "ingress", "remote_ip_prefix": null,
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 310
"protocol": null, "ethertype": "IPv6", "tenant_id": "84b25ac10ed642cca484aa55c098e3aa", "port_range_max": null, "port_range_min": null, "id": "07adc044-3f21-4eeb-bd57-5e5eb6024b7f", "description": null, "security_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967" }, { "remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv6", "tenant_id": "84b25ac10ed642cca484aa55c098e3aa", "port_range_max": null, "port_range_min": null, "id": "47e05c14-1aa2-4355-aaf8-b57e18f98c9a", "description": null, "security_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967" }, { "remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv4", "tenant_id": "84b25ac10ed642cca484aa55c098e3aa", "port_range_max": null, "port_range_min": null, "id": "8a8a238b-fdb1-4321-b667-26205c7f37d1", "description": null, "security_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967" }, { "remote_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967", "direction": "ingress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv4", "tenant_id": "84b25ac10ed642cca484aa55c098e3aa", "port_range_max": null, "port_range_min": null, "id": "b5874440-84a0-4382-8e37-3f012b90b71e", "description": null, "security_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967" } ], "id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 311
NormalResponseCode
Type Description
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
19.4 Creating a Security Group
FunctionThis interface is used to create a security group.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 312
API FormatMethod URI Description
POST /v2.0/security-groups Creates a security group.
RestrictionsN/A
Request ParameterParameter Type Mandatory Description
security_group
Dict Yes Specifies the security group and security grouplist. For details, see Table 19-1. Mandatoryfield: none
Response ParameterParameter Type Mandatory Description
security_group Dict Yes Specifies the security group list. Fordetails, see Table 19-1.
Example RequestPOST /v2.0/security-groups{ "security_group": { "name": "test" }}
Example Response{ "security_group": { "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "name": "test", "description": "", "security_group_rules": [ { "remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv4", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "port_range_max": null, "port_range_min": null, "id": "2c4b4ca9-902e-47e7-bf68-d628cb06a388", "description": null,
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 313
"security_group_id": "9f79f6af-b30f-4b83-bc20-d86e0857cdf3" }, { "remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv6", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "port_range_max": null, "port_range_min": null, "id": "b197706d-e21d-439c-8bd8-0754bd2fac3c", "description": null, "security_group_id": "9f79f6af-b30f-4b83-bc20-d86e0857cdf3" } ], "id": "9f79f6af-b30f-4b83-bc20-d86e0857cdf3" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 314
Returned Value Description
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
19.5 Updating a Security Group
Function
This interface is used to update a security group.
API Format
Method URI Description
PUT /v2.0/security-groups/{security_group_id} Updates a security group.
Restrictions
N/A
Request Parameter
Parameter Type Mandatory Description
security_group
Dict Yes Specifies the security group list. For details, seeTable 19-1.This parameter has no mandatory fields. You mustspecify at least one attribute when updating thesecurity group.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 315
Response ParameterParameter Type Mandatory Description
security_group Dict Yes Specifies a security group. Fordetails, see the Security Groupobject table.
Example RequestPUT/v2.0/security-groups/9f79f6af-b30f-4b83-bc20-d86e0857cdf3{ "security_group": { "name": "test01" }}
Example Response{ "security_group": { "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "name": "test01", "description": "", "security_group_rules": [ { "remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv4", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "port_range_max": null, "port_range_min": null, "id": "2c4b4ca9-902e-47e7-bf68-d628cb06a388", "description": null, "security_group_id": "9f79f6af-b30f-4b83-bc20-d86e0857cdf3" }, { "remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "ethertype": "IPv6", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "port_range_max": null, "port_range_min": null, "id": "b197706d-e21d-439c-8bd8-0754bd2fac3c", "description": null, "security_group_id": "9f79f6af-b30f-4b83-bc20-d86e0857cdf3" } ], "id": "9f79f6af-b30f-4b83-bc20-d86e0857cdf3" }}
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 316
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 317
19.6 Deleting a Security Group
Function
This interface is used to delete a security group.
API Format
Method URI Description
DELETE /v2.0/security-groups/{security_group_id} Deletes the specifiedsecurity group.
Restrictions
N/A
Request Parameter
None
Response Parameter
None
Example RequestDELETE /v2.0/security-groups/a7ebb1d8-71e5-42e5-9030-4e0fca059d50
Example Response
None
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 318
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
19.7 Querying Security Group Rules
FunctionThis interface is used to query security group rules.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 319
API FormatMethod URI Description
GET /v2.0/security-group-rules?security_group_id={security_group_id}&remote_group_id={remote_group_id}&direction={direction}&remote_ip_prefix={remote_ip_prefix}&protocol={protocol}&port_range_max={port_range_max}&port_range_min={port_range_min}ðertype={ethertype}&tenant_id ={tenant_id}
Queries all the securitygroup rules accessible to thetenant submitting therequest. A maximum of2000 records can bereturned for each queryoperation. If the number ofrecords exceeds 2000, thepagination marker will bereturned. For details, seesection A.4 Pagination.
RestrictionsN/A
Request ParameterNone
Response ParameterParameter Type Mandatory Description
security_group_rules
List(security_group_rule)
Yes Specifies the security group rule list.For details, see Table 19-2.
Example RequestGET/v2.0/security-group-rules
Example Response{ "security_group_rules": [ { "remote_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967", "direction": "ingress", "remote_ip_prefix": null, "protocol": null, "tenant_id": "6c9298ec8c874f7f99688489ab65f90e", "port_range_max": null, "security_group_id": "1d8b19c7-7c56-48f7-a99b-4b40eb390967", "port_range_min": null, "ethertype": "IPv6", "description": null, "id": "07adc044-3f21-4eeb-bd57-5e5eb6024b7f" }, { "remote_group_id": null, "direction": "egress",
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 320
"remote_ip_prefix": null, "protocol": null, "tenant_id": "6c9298ec8c874f7f99688489ab65f90e", "port_range_max": null, "security_group_id": "328fb454-a2ee-4a11-bdb1-ee19bbdfde43", "port_range_min": null, "ethertype": "IPv6", "description": null, "id": "09358f83-f4a5-4386-9563-a1e3c373d655" }, { "remote_group_id": "4c763030-366e-428c-be2b-d48f6baf5297", "direction": "ingress", "remote_ip_prefix": null, "protocol": null, "tenant_id": "6c9298ec8c874f7f99688489ab65f90e", "port_range_max": null, "security_group_id": "4c763030-366e-428c-be2b-d48f6baf5297", "port_range_min": null, "ethertype": "IPv6", "description": null, "id": "219a6f56-1069-458b-bec0-df9270e7a074" } ]}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 321
Returned Value Description
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
19.8 Querying a Security Group Rule
FunctionThis interface is used to query details about a specific security group rule.
API FormatMethod URI Description
GET /v2.0/security-group-rules/{security-groups-rules-id}
Queries details about thespecified security grouprule.
RestrictionsN/A
Request ParameterNone
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 322
Response Parameter
Parameter Type Mandatory Description
security_group_rule Dict Yes Specifies the security group rulelist. For details, see Table 19-2.
Example RequestGET/v2.0/security-group-rules/1755bc80-cf3a-4f57-8ae9-d9796482ddc0
Example Response{ "security_group_rule": { "remote_group_id": null, "direction": "egress", "remote_ip_prefix": null, "protocol": null, "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "port_range_max": null, "security_group_id": "723bc02c-d7f7-49b5-b6ff-d08320f315e2", "port_range_min": null, "ethertype": "IPv4", "description": null, "id": "1755bc80-cf3a-4f57-8ae9-d9796482ddc0" }}
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 323
Returned Value Description
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
19.9 Creating a Security Group Rule
Function
This interface is used to create a security group rule.
API Format
Method URI Description
POST /v2.0/security-group-rules Creates a security grouprule.
Restrictions
N/A
Request Parameter
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 324
Parameter Type Mandatory Description
security_group_rule Dict Yes Specifies the security group rulelist. For details, see Table 19-2.Mandatory parameters: directionand security_group_id
Response ParameterParameter Type Mandatory Description
security_group_rule Dict Yes Specifies the security group rulelist. For details, see Table 19-2.
Example RequestPOST/v2.0/security-group-rules{ "security_group_rule": { "security_group_id": "5cb9c1ee-00e0-4d0f-9623-55463cd26ff8", "direction": "egress", "protocol": "tcp", "remote_ip_prefix": "10.10.0.0/24" }}
Example ResponseSON:{ "security_group_rule": { "remote_group_id": null, "direction": "egress", "remote_ip_prefix": "10.10.0.0/24", "protocol": "tcp", "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f", "port_range_max": null, "security_group_id": "5cb9c1ee-00e0-4d0f-9623-55463cd26ff8", "port_range_min": null, "ethertype": "IPv4", "description": null, "id": "7c336b04-1603-4911-a6f4-f2af1d9a0488" }}
Error CodesNormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 325
NormalResponseCode
Type Description
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 326
19.10 Deleting a Security Group Rule
Function
This interface is used to delete a security group rule.
API Format
Method URI Description
DELETE /v2.0/security-group-rules/{security-groups-rules-id}
Deletes a specified securitygroup rule.
Restrictions
N/A
Request Parameter
None
Response Parameter
None
Example RequestDELETE/v2.0/security-group-rules/07adc044-3f21-4eeb-bd57-5e5eb6024b7f
Example ResponseNone (STATUS CODE 202)
Error Codes
NormalResponseCode
Type Description
200 OK Specifies the normal response code for the GET andPUT operations.
201 Created Specifies the normal response code for the POSToperation.
204 No Content Specifies the normal response code for the DELETEoperation.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 327
Returned Value Description
400 Bad Request The server failed to process the request.
401 Unauthorized You must enter the username and password toaccess the requested page.
403 Forbidden You are forbidden to access the requested page.
404 Not Found The server could not find the requested page.
405 Method Not Allowed You are not allowed to use the method specified inthe request.
406 Not Acceptable The response generated by the server could not beaccepted by the client.
407 Proxy Authentication Required You must use the proxy server for authenticationso that the request can be processed.
408 Request Timeout The request timed out.
409 Conflict The request could not be processed due to aconflict.
500 Internal Server Error Failed to complete the request because of aninternal service error.
501 Not Implemented Failed to complete the request because the serverdoes not support the requested function.
502 Bad Gateway Failed to complete the request because the requestis invalid.
503 Service Unavailable Failed to complete the request because the serviceis unavailable.
504 Gateway Timeout A gateway timeout error occurred.
Virtual Private CloudAPI Reference 19 Security Group (Native OpenStack API)
Issue 01 (2017-12-31) 328
A Appendix
A.1 Error Codes
Description
If an error occurs when an API is called, error information is returned. This section describesthe error information for VPC APIs (excluding native OpenStack APIs).
Example of Returned Error Information{"code": "VPC.0001","message": "Token is null."}
Error Code Description
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
Public 400
VPC.0001
The token isempty.
Token is null Verify whether the tokenin the request header isempty.
400
VPC.0002
The AZ isempty.
Available zoneName is null.
Verify whether theavailability_zone field inthe request body forcreating a subnet isempty.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 329
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
404
VPC.0003
The VPC doesnot exist.
VPC does not exit. Check whether the VPCID is correct or whetherthe VPC exists under thetenant.
400
VPC.0004
The status ofthe VPC isabnormal.
VPC does notactive, please trylater.
Try again later or contacttechnical support.
Creating aVPC
400
VPC.0101
VPCparameters areincorrect.
Param is invalid. Check whether the inputparameter value is validbased on the returnederror message and APIreference document.
409
VPC.0114
The number ofVPCs exceedsthe systemquota.
Quota exceeded forresources: ['router'].
Clear VPC resources thatno longer will be used orapply for expanding theVPC resource quota.
400
VPC.0115
The VPCname alreadyexists.
The router name hasexist.
Change the VPC name.
Querying aVPC
500
VPC.0105
The interfacefails to invokethebackgroundservice.
- Check whether theNeutron service is normalor contact technicalsupport.
500
VPC.0106
An error isreturned forthe failure toinvoke thebackgroundservice.
get router is null. Check whether theNeutron service is normalor contact technicalsupport.
QueryingVPCs
500
VPC.0105
The interfacefails to invokethebackgroundservice.
- Check whether theNeutron service is normalor contact technicalsupport.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 330
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
500
VPC.0106
An error isreturned forthe failure toinvoke thebackgroundservice.
query routers orgetList are null.
Check whether theNeutron service is normalor contact technicalsupport.
Deleting aVPC
500
VPC.0102
The interfacefails to obtainthe routingresources.
Delete router fail. Contact technical support.
409
VPC.0103
The VPCcannot bedeletedbecause it isbeing created.
Resource status isbusy, try it againlater.
Contact technical support.
409
VPC.0104
The VPCcannot bedeletedbecause itcontainssubnets.
Router containssubnets, pleasedelete subnet first.
Delete the subnet in theVPC.
500
VPC.0107
The VPCcannot bedeletedbecause itcontainsnetwork ACL.
Delete the firewallfirst before deletingthe router.
Delete the network ACLof the tenant.
500
VPC.0108
The VPCcannot bedeletedbecause itcontains EIPs.
Router is used notallow deleted.
Delete EIPs of the tenant.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 331
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
500
VPC.0109
The VPCcannot bedeletedbecause itcontainsVPNs.
Router is used notallow deleted.
Delete VPNs of thetenant.
500
VPC.0110
The VPCcannot bedeletedbecause itsstatus isunstable.
deleteDefaultNet-workFromRouterrouter status isinvalid.
Contact technical support.
500
VPC.0111
An internalerror occursduring theVPC deletion.
- Contact technical support.
409
VPC.0112
The VPCcannot bedeletedbecause itcontainssecuritygroups.
Delete thesecuritygroup firstbefore deleting therouter.
Delete security groups ofthe tenant.
409
VPC.0118
The VPCcannot bedeletedbecause itcontains loadbalancers.
ELB exists underthis router, deleteELB firstly.
Delete load balancers inthe VPC.
500
VPC.0119
An erroroccurred whenthe VPCservice makescalls to theELB service.
- Check whether the ELBservice is normal orcontact technical support.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 332
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
409
VPC.0120
The VPCcannot bedeletedbecause itcontainsextensionroutes.
exroutes existsunder this router,delete exroutesfirstly.
Delete extension routes inthe VPC.
Updating aVPC
500
VPC.0113
The VPCcannot beupdatedbecause thestatus of theVPC isabnormal.
Router status is notactive.
Try again later or contacttechnical support.
400
VPC.0115
The VPCname alreadyexists.
The router name hasexist.
Change the VPC name.
400
VPC.0117
The subnetparameters areinvalid. Thenetworksegment of theVPC does notcontain allthose of thesubnets.
Cidr can not containsubnetList cidr.
Change the CIDR of theVPC.
Creating asubnet
400
VPC.0201
The subnetparameters areincorrect.
Subnet name isinvalid.
Check whether the inputparameter value is validbased on the returnederror message and APIreference document.
500
VPC.0202
An internalerror occurs inthe subnet.
Create subnet failed. Contact technical support.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 333
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
400
VPC.0203
The networksegment of thesubnet is not inthe range ofthe VPC.
Subnet is not in therange of VPC.
Change the CIDR of thesubnet.
400
VPC.0204
The networksegment of thesubnet alreadyexists in theVPC.
The subnet hasalready existed inthe VPC, or hasbeen in conflict withthe VPC subnet.
Change the CIDR of thesubnet.
Querying asubnet
400
VPC.0201
The subnetparameters areincorrect.
Subnet ID is invalid. Check whether the subnetID is valid.
Queryingsubnets
500
VPC.0202
An internalerror occurs inthe subnet.
List subnets error. Contact technical support.
Deleting asubnet
500
VPC.0206
The subnetcannot bedeletedbecause it isbeing used bythe VPN.
Subnet has beenused by VPN,please remove thesubnet from theVPN and try again.
Delete the subnet that isused by the VPN.
500
VPC.0207
This operationis not allowedbecause thesubnet doesnot belong tothe VPC.
Subnet does notbelong to the VPC.
Check whether the subnetis in the VPC.
500
VPC.0208
The subnetcannot bedeletedbecause it isbeing used bythe private IPaddress.
Subnet is used byprivate IP, can notbe deleted.
Delete the private IPaddress of the subnet.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 334
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
500
VPC.0209
The subnetcannot bedeletedbecause it isbeing used byan ECS or loadbalancer.
Subnet is still used,such as computer,LB.
Delete the ECS or loadbalancer in the subnet.
500
VPC.0210
The subnetcannot bedeletedbecause it isbeing used bythe customroute.
Subnet has beenused by routes,please remove theroutes first and tryagain.
Delete the custom route.
500
VPC.0211
The subnetcannot bedeletedbecause it isbeing used byload balancers.
subnet is still usedby LBaas.
Delete load balancers inthe subnet.
Updating asubnet
500
VPC.0205
The subnetcannot beupdatedbecause it isbeingprocessed.
Subnet states isinvalid, please tryagain later.
Try again later or contacttechnical support.
400
VPC.0207
This operationis not allowedbecause thesubnet doesnot belong tothe VPC.
Subnet does notbelong to the VPC.
Check whether the subnetis in the VPC.
Applying foranelasticIPaddress
400
VPC.0501
Theparameters ofthe EIP areincorrect.
Bandwidthshare_type isinvalid.
Check whether the inputparameter value is validbased on the returnederror message and APIreference document.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 335
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
500
VPC.0502
You are notallowed toapply for anEIP.
Tenant status isop_restricted.
Check whether theaccount balance isinsufficient or frozen.
500
VPC.0503
Failed tocreate an EIP.
Creating publicIpfailed.
Contact technical support.
500
VPC.0504
Failed to applyfor an EIP.
FloatIp is null. Contact technical support.
500
VPC.0508
Port-relatedresourcescannot befound.
Port is invalid. Contact technical support.
409
VPC.0510
The elastic IPaddress hasbeen bound tothe VM.
Floatingip hasalready associatedwith port.
Unbind the EIP fromother ECSs.
409
VPC.0511
An elastic IPaddress hasbeen bound tothe port.
Port has alreadyassociated withfloatingip.
Unbind the port fromother ECSs.
409
VPC.0521
InsufficientEIP quota.
Quota exceeded forresources:['floatingip'].
Release the unboundEIPS or apply forincreasing the EIP quota.
409
VPC.0522
The IP addressis invalid or inuse.
The IP address is inuse.
Check whether the IPaddress format is valid orreplace it to another IPaddress.
Querying anEIP
400
VPC.0501
Theparameters ofthe EIP areincorrect.
Invalidfloatingip_id.
Check whether the EIP IDis valid.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 336
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
500
VPC.0514
An exceptionoccurs in theFusionSphereOpenStacksystem.
- Check whether theNeutron service is normalor contact technicalsupport.
QueryingEIPs
400
VPC.0501
Theparameters ofthe EIP areincorrect.
Invalid limit. Check whether the inputparameter value is validbased on the returnederror message and APIreference document.
Deleting anEIP
400
VPC.0501
Theparameters ofthe EIP areincorrect.
Invalid param. Contact technical support.
409
VPC.0512
The status ofthe EIP isabnormal.
Resource status isbusy, try it againlater.
Try again later or contacttechnical support.
500
VPC.0513
Networkresourcescannot befound.
getElementByKeyerror.
Contact technical support.
500
VPC.0516
Failed todelete the EIPbecause it isbeing used bya loadbalancer.
Publicip is in usedby ELB.
Unbind the load balancerfrom the EIP.
409
VPC.0517
Deleting theEIP failsbecause it isbound to theECS.
Floatingip hasassociated with port,please disassociate itfirstly.
Unbind the EIP from theECS.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 337
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
500
VPC.0518
The EIPcannot bedeletedbecause it isused by thenetwork ACL.
Public IP hasfirewall rules.
Contact technical support.
Updating anelasticIPaddress
400
VPC.0501
Theparameters ofthe EIP areincorrect.
Port id is invalid. Check whether the subnetID is valid.
500
VPC.0509
An EIP hasbeen bound tothe port.
Floating ip doublestatus is invalid.
Unbind the port fromother EIPs.
409
VPC.0510
The elastic IPaddress hasbeen bound tothe VM.
Floatingip hasalready associatedwith port.
Unbind the EIP fromother ECSs.
409
VPC.0511
Failed to bindthe EIP to theECS becausethe ECS hasalready beenbound to anEIP.
Port has alreadyassociated withfloatingip.
Unbind the ECS fromother EIP.
409
VPC.0512
The status ofthe EIP isabnormal.
Resource status isbusy, try it againlater.
Try again later or contacttechnical support.
Querying thebandwidth
400
VPC.0301
The bandwidthparameters areincorrect.
getBandwidth errorbandwidthId isinvalid.
Check whether thebandwidth ID is valid.
500
VPC.0302
Failed toobtainunderlyingresources.
- Check whether theNeutron service is normalor contact technicalsupport.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 338
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
Queryingbandwidths
400
VPC.0301
The bandwidthparameters areincorrect.
Get bandwidthserror limit is invalid.
Check whether the inputparameter value is validbased on the returnederror message and APIreference document.
500
VPC.0302
Failed toobtainunderlyingresources.
- Check whether theNeutron service is normalor contact technicalsupport.
Updating thebandwidth
400
VPC.0301
The bandwidthparameters areincorrect.
updateBandwidthinput param isinvalid.
Check whether the inputparameter value is validbased on the returnederror message and APIreference document.
500
VPC.0302
Failed toobtainunderlyingresources.
- Check whether theNeutron service is normalor contact technicalsupport.
500
VPC.0305
An internalerror occursduring thebandwidthupdate.
updateBandwidtherror.
Contact technical support.
Creating asecurity group
400
VPC.0601
Theparameters ofthe securitygroup areincorrect.
Creatingsecuritygroup nameis invalid.
Check whether the inputparameter value is validbased on the returnederror message and APIreference document.
500
VPC.0602
An internalerror occurs inthe securitygroup.
Add security groupfail.
Check whether theNeutron service is normalor contact technicalsupport.
Querying asecurity group
400
VPC.0601
Theparameters ofthe securitygroup areincorrect.
Securitygroup id isinvalid.
Check whether thesecurity group ID is valid.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 339
Module
HTTPStatusCode
ErrorCode
Description Error Message Handling Measure
500
VPC.0602
An internalerror occurs inthe securitygroup.
Query securitygroup fail.
Check whether theNeutron service is normalor contact technicalsupport.
404
VPC.0603
The securitygroup does notexist.
Securitygroup is notexit.
Check whether thesecurity group ID iscorrect or whether thesecurity group existsunder the tenant.
Queryingsecuritygroups
400
VPC.0601
Theparameters ofthe securitygroup areincorrect.
Query securitygroups error limit isinvalid.
Check whether the inputparameter value is validbased on the returnederror message and APIreference document.
500
VPC.0602
An internalerror occurs inthe securitygroup.
Query securitygroups fail.
Check whether theNeutron service is normalor contact technicalsupport.
A.2 ICMP-Port Range Relationship TableICMP Type port_range_min port_range_max
Any NULL NULL
Echo 8 0
Echo reply 0 0
Fragment need DF set 3 4
Host redirect 5 1
Host TOS redirect 5 3
Host unreachable 3 1
Information reply 16 0
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 340
ICMP Type port_range_min port_range_max
Information request 15 0
Net redirect 5 0
Net TOS redirect 5 2
Net unreachable 3 0
Parameter problem 12 0
Port unreachable 3 3
Protocol unreachable 3 2
Reassembly timeout 11 1
Source quench 4 0
Source route failed 3 5
Timestamp reply 14 0
Timestamp request 13 0
TTL exceeded 11 0
A.3 VPC Monitoring Metrics
DescriptionThis section describes monitoring metrics reported by VPC to Cloud Eye as well as theirnamespaces and dimensions. You can use APIs provided by Cloud Eye to query themonitoring metrics of the monitored object and alarms generated for VPC.
NamespaceSYS.VPC
MetricsMetric Name Description Value
RangeMonitoredObject
up_bandwidth UpstreamBandwidth
Specifies theoutbound networkrate of themonitored object.
≥ 0 byte/s Bandwidth orelastic IPaddress
down_bandwidth DownstreamBandwidth
Specifies inboundnetwork rate ofthe monitoredobject.
≥ 0 byte/s Bandwidth orelastic IPaddress
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 341
Metric Name Description ValueRange
MonitoredObject
up_stream UpstreamTraffic
Specifies theoutbound networktraffic of themonitored object.
≥ 0 byte Bandwidth orelastic IPaddress
down_stream DownstreamTraffic
Specifies theinbound networktraffic of themonitored object.
≥ 0 byte Bandwidth orelastic IPaddress
Dimension
Key Value
publicip_id Specifies the elastic IP address ID.
bandwidth_id Specifies the bandwidth ID.
A.4 Pagination
Scenarios
Neutron APIs v2.0 provides the pagination function. You can set parameters limit andmarker in the URL to enable the desired number of items to be returned. All returned itemsare displayed in the ascending order of ID.
l To access the next page of the request, perform the following configurations:
– Replace the value of marker in the original access request URL. Replace the valueof marker to the value of marker in the value of herf if the value of rel in theresponse is next.
– Set the value of page_reverse to False.
l To access the previous page of the request, perform the following configurations:
– Replace the value of marker in the original access request URL. Replace the valueof marker to the value of marker in the value of herf if the value of rel in theresponse is previous.
– Set the value of page_reverse to True.
Request Parameter
Parameter Type Mandatory Description
limit String No Specifies the number of items displayed perpage.
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 342
Parameter Type Mandatory Description
marker String No Specifies the ID of the last item in theprevious list. If the marker value is invalid,error code 400 will be returned.
page_reverse Bool No Specifies the page direction. The value canbe True or False.
offset String No The offset+1 record will be first displayed.(The native OpenStack APIs are used forthis function. The APIs include /ports, /subnets, /networks, /routers, /security-groups, /security-group-rules, /fwaas/firewall_rules, /fwaas/firewall_policies,and /fwaas/firewall_groups.)
Example RequestGET /v2.0/networks?limit=2&marker=3d42a0d4-a980-4613-ae76-a2cddecff054&page_reverse=False
Example Response{"networks": [{"status": "ACTIVE","subnets": [],"name": "liudongtest ","admin_state_up": false,"tenant_id": "6fbe9263116a4b68818cf1edce16bc4f","id": "60c809cb-6731-45d0-ace8-3bf5626421a9"
},{"status": "ACTIVE","subnets": ["132dc12d-c02a-4c90-9cd5-c31669aace04"],"name": "publicnet","admin_state_up": true,"tenant_id": "6fbe9263116a4b68818cf1edce16bc4f","id": "9daeac7c-a98f-430f-8e38-67f9c044e299"}],"networks_links": [{"href": "http://192.168.82.231:9696/v2.0/networks?limit=2&marker=9daeac7c-a98f-430f-8e38-67f9c044e299","rel": "next"},{"href": "http://192.168.82.231:9696/v2.0/networks?limit=2&marker=60c809cb-6731-45d0-ace8-3bf5626421a9&page_reverse=True","rel": "previous"}]}
Virtual Private CloudAPI Reference A Appendix
Issue 01 (2017-12-31) 343