SL中的VPN访问

Question

我正在使用java Soflayer API实现VPN ACCESS。 找到了这些API，但没有实现它的示例。

1. http://sldn.softlayer.com/reference/datatypes/SoftLayer_User_Customer
2. SoftLayer_Network_Service_Vpn_Overrides

如何使用API​​获取SSL，PPTP等可用的VPN类型？

如果您指导我做什么或提供任何参考示例，我们将不胜感激。谢谢

Answer 1

用户只有“SSL”，“PPTP”和“SSL和PPT”，并且没有任何方法可以获取VPN类型

通过查看属性，您可以了解客户的VPN类型： “pptpVpnAllowedFlag” “sslVpnAllowedFlag”

如果两者都为真，那么如果只有“pptpVpnAllowedFlag = true”，则客户具有“SSL和PPTP”，因此客户仅启用了PPTP等。

你也可以看到属性“vpnManualConfig”，以便知道他的配置是manuaul还是自动

为了知道为用户启用的子网（如果是手动配置），您可以看到属性“覆盖”

此RestFul resquest将为您提供所需的信息：

the unused pointers are set to NULL, so will not cause a crash when passed to

此致

Answer 2

这是一个使用SoftLayer API Java Client为多个用户自动执行VPN访问的脚本：

package Users;

import com.softlayer.api.ApiClient;
import com.softlayer.api.RestApiClient;
import com.softlayer.api.service.Account;
import com.softlayer.api.service.network.Subnet;
import com.softlayer.api.service.network.service.vpn.Overrides;
import com.softlayer.api.service.user.Customer;

import java.util.ArrayList;
import java.util.List;
/**
 * Add Vpn Access for Multiple users
 *
 * This script creates VPN Access for Multiple Users.
 *
 * Important Manual Page:
 * http://sldn.softlayer.com/reference/services/SoftLayer_Network_Service_Vpn_Overrides/createObjects
 * http://sldn.softlayer.com/reference/datatypes/SoftLayer_Network_Service_Vpn_Overrides
 * http://sldn.softlayer.com/reference/services/SoftLayer_Account/getUsers
 * http://sldn.softlayer.com/reference/services/SoftLayer_User_Customer/getOverrides
 *
 * @license <http://sldn.softlayer.com/article/License>
 * @authon SoftLayer Technologies, Inc. <sldn@softlayer.com>
 * @version 0.2.2
 */
public class AddVpnAccess {
    /**
     * This is the constructor, is used to create VPN Access
     */
    public AddVpnAccess(){
        // Declare username and api key
        String username = "set me";
        String apiKey = "set me";
        // Get Api Client and service
        ApiClient client = new RestApiClient().withCredentials(username, apiKey);
        // Declare SoftLayer_Account and SoftLayer_User_Customer services
        Account.Service accountService = Account.service(client);
        Customer.Service customerService = Customer.service(client);
        Overrides.Service overrideService = Overrides.service(client);
        // Define the usernames from users that you wish to create VPN Access
        String [] users = {"user1", "user2", "user3"};
        // Define VPN Type options: "None", "SSL", "PPTP", "SSL & PPTP"
        String vpnType = "SSL & PPTP";
        // Define the networks identifiers from subnets to create the overrides
        String [] subnets = {"10.62.42.64", "10.104.213.192", "10.110.39.64"};

        // Define an array to Build the template with all SoftLayer_Network_Service_Vpn_Overrides objects to be deleted.
        List<Overrides> overrides = new ArrayList<Overrides>();

        // Building Customer template for VPN Access
        Customer templateObject = new Customer();
        templateObject.setPptpVpnAllowedFlag(false);
        templateObject.setSslVpnAllowedFlag(false);
        if(vpnType.contains("SSL"))
        {
            templateObject.setSslVpnAllowedFlag(true);
        }
        if(vpnType.contains("PPT"))
        {
            templateObject.setPptpVpnAllowedFlag(true);;
        }

        try{
            // Getting users
            List<Customer> userList = accountService.getUsers();
            // Getting subnets
            List<Subnet> subnetList = accountService.getSubnets();

            // Setting VPN Access
            for(String user : users)
            {
                for(Customer accountUser : userList)
                {
                    if(accountUser.getUsername().equals(user))
                    {
                        // Setting init parameter
                        customerService = Customer.service(client, new Long(accountUser.getId()));
                        boolean result = customerService.editObject(templateObject);
                        System.out.println("User: " + accountUser.getUsername() + " VPN Access: " + result);
                        if(templateObject.getSslVpnAllowedFlag() == true || templateObject.getPptpVpnAllowedFlag() == true)
                        {
                            for(String subnet : subnets)
                            {
                                for(Subnet accountSubnet : subnetList)
                                {
                                    if(accountSubnet.getNetworkIdentifier().equals(subnet))
                                    {
                                        Overrides objectOverride = new Overrides();
                                        objectOverride.setUserId(new Long(accountUser.getId()));
                                        objectOverride.setSubnetId(new Long(accountSubnet.getId()));
                                        overrides.add(objectOverride);
                                    }
                                }
                            }
                        }
                    }
                }
            }
            if(templateObject.getSslVpnAllowedFlag() == true || templateObject.getPptpVpnAllowedFlag() == true)
            {
                boolean result = overrideService.createObjects(overrides);
                System.out.println("Have been set the overrides successfully? " + result);
            }
        } catch (Exception e)
        {
            System.out.println("Error: " + e);
        }
    }

    public static void main(String [] args)
    {
        new AddVpnAccess();
    }
}

  

更新

我很抱歉，显然目前SoftLayer API Client for Java存在创建VPN Overrides的问题，我已经提出了一个问题：

https://github.com/softlayer/softlayer-java/issues/31

但是，我可以使用SoftLayer API PHP client.

提供相同的想法

Php脚本

<?php
/**
 * Add Vpn Access for Multiple users 
 * 
 * This script creates VPN Access for Multiple Users.
 * 
 * Important manual pages:
 * @see http://sldn.softlayer.com/reference/services/SoftLayer_Network_Service_Vpn_Overrides/createObjects
 * @see http://sldn.softlayer.com/reference/datatypes/SoftLayer_Network_Service_Vpn_Overrides
 * @see http://sldn.softlayer.com/reference/services/SoftLayer_Account/getUsers
 * @see http://sldn.softlayer.com/reference/services/SoftLayer_User_Customer/getOverrides
 * @see http://sldn.softlayer.com/article/Object-Filters
 * 
 * @license <http://sldn.softlayer.com/wiki/index.php/license>
 * @author SoftLayer Technologies, Inc. <sldn@softlayer.com> 
 */
require_once '\vendor\autoload.php';

// Your SoftLayer API username.
$username = "set me";

// Your SoftLayer API key.
$key = "set me";

// Define the usernames from users that you wish to create the overrides
$users = array("user1", "user2", "user3");

// Define VPN Type options: "None", "SSL", "PPTP", "SSL & PPTP"
$vpnType = "SSL & PPTP";

// Define the networks identifiers from subnets to create the overrides 
$subnets = array("10.126.46.128", "10.5.214.192");

// Create a SoftLayer API client object for "SoftLayer_Account", "SoftLayer_User_Customer" and "SoftLayer_Network_Vpn_Overrides" services
$accountService = \SoftLayer\SoapClient::getClient('SoftLayer_Account', null, $username, $key);
$customerService = \SoftLayer\SoapClient::getClient('SoftLayer_User_Customer', null, $username, $key);
$overridesService = \SoftLayer\SoapClient::getClient('SoftLayer_Network_Service_Vpn_Overrides', null, $username, $key);

// Declare an object filter, to retrieve subnets specified in $subnets array
$filterSubnets = new \stdClass();
$filterSubnets -> subnets = new \stdClass();
$filterSubnets -> subnets -> networkIdentifier = new \stdClass();
$filterSubnets -> subnets -> networkIdentifier -> operation = "in";
$filterSubnets -> subnets -> networkIdentifier -> options = array();
$filterSubnets -> subnets -> networkIdentifier -> options[0] = new stdClass();
$filterSubnets -> subnets -> networkIdentifier -> options[0] -> name = "data";
$filterSubnets -> subnets -> networkIdentifier -> options[0] -> value = $subnets;
$accountService -> setObjectFilter($filterSubnets);

// Get Subnets
$receiptSubnets = $accountService -> getSubnets();

// Declare an object filter, to retrieve users with the specific username specified in "$users" array.
$filter = new \stdClass();
$filter -> users = new \stdClass();
$filter -> users -> username = new \stdClass();
$filter -> users -> username -> operation = "in";
$filter -> users -> username -> options = array();
$filter -> users -> username -> options[0] = new stdClass();
$filter -> users -> username -> options[0] -> name = "data";
$filter -> users -> username -> options[0] -> value = $users;
$accountService -> setObjectFilter($filter);

// Get users 
$receiptUsers = $accountService -> getUsers();

// Build template
$templateObject = new \stdClass();
$templateObject -> sslVpnAllowedFlag = false;
$templateObject -> pptpVpnAllowedFlag = false;
if(strpos($vpnType, "SSL") !== false)
{
    $templateObject -> sslVpnAllowedFlag = true;
}
if(strpos($vpnType, "PPTP") !== false)
{
    $templateObject -> pptpVpnAllowedFlag = true;
}

try {
    // Define an array to Build the template with all SoftLayer_Network_Service_Vpn_Overrides objects to be deleted.
    $overrides = array();
    $subnetFlag = false;

    // Setting VPN Access
    for ($i=0; $i < sizeof($receiptUsers); $i++) {
        $customerService -> setInitParameter($receiptUsers[$i] -> id);
        $result = $customerService -> editObject($templateObject);
        echo "VPN Access set for user: " . $receiptUsers[$i] -> username . "\n";
        if($templateObject -> sslVpnAllowedFlag == true || $templateObject -> pptpVpnAllowedFlag == true)
        {
            for ($j=0; $j < sizeof($receiptSubnets) ; $j++) {
            array_push($overrides, array("subnetId" => $receiptSubnets[$j] -> id, "userId" => $receiptUsers[$i] -> id));
                }
            $subnetFlag = true;
        }
    }
    // Setting subnets
    if($subnetFlag)
    {
        $result = $overridesService -> createObjects($overrides);
        print_r("The VPN overrides were created?: " . $result);
    }
} catch (Exception $e) {
    echo "Error: " . $e -> getMessage();
    }

我希望它有所帮助

Answer 3

尝试以下休息请求：

https://$user:$apiKey@api.softlayer.com/rest/v3.1/SoftLayer_Network_Service_Vpn_Overrides/createObjects

Method: Post

{  
   "parameters":[  
      [  
         {  
            "subnetId":1139909,
            "userId":498265
         }
      ]
   ]
}

使用您自己的信息替换：$ user，$ apiKey，1139909和498265.

获取用户标识符：

https://$user:$apiKey@api.softlayer.com/rest/v3.1/SoftLayer_Account/getUsers
Method: Get

获取子网标识符：

https://$user:$apiKey@api.softlayer.com/rest/v3.1/SoftLayer_Account/getSubnets
Method: Get

参考文献：

• SoftLayer_Network_Service_Vpn_Overrides::createObjects

• SoftLayer_Account::getUsers

• SoftLayer_Account::getSubnets

Answer 4

关于你的问题：

如何设置覆盖ID？

以下请求将对此有所帮助：

https://$username:$apiKey@api.softlayer.com/rest/v3/SoftLayer_User_Customer/$userId/getOverrides
Method: Get

使用您自己的信息替换：$ username，$ apiKey和$ userId。

关于这个：

  

取消选择Grant Access不会保存在control.softlayer.com中。   重新打开VPN访问列表时，仍然会选中“授予访问权限”。

这是一个已知问题，修复程序将尽快发布，对此给您带来的不便表示歉意

<强>参考文献：

• SoftLayer_User_Customer::getOverrides