openstack
/
neutron-specs
Code Issues Proposed changes
neutron-specs/misc/api/configurable_external_gatew...

338 lines
9.4 KiB
ReStructuredText
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

===================================
Configurable external gateway modes
===================================
By default, when a gateway is attached to a router using the Neutron L3
extension, Network Address Translation (NAT) is enabled for traffic
generated by subnets attached to the router. With this extension, the
user will have the option of choosing whether SNAT should be enabled or
not on a router basis.
This is achieved simply by specifying a boolean attribute,
``enable_snat``, in the ``external_gateway_info`` attribute of the
``router`` resource.
This extension redefines the external\_gateway\_info attribute:
**Table external\_gateway\_info attributes**
============ ======= ======== ============= ================================
Attribute Type Required Default Value Validation Constraints and Notes
============ ======= ======== ============= ================================
network\_id UUID Yes N/A Must be a valid uuid representative
of an external network.
enable\_snat Boolean No True {True\|False}
The default setting is ``True`` to
ensure backward compatibility for
plugins supporting this extension.
============ ======= ======== ============= ================================
SNAT can be enabled or disabled at any time on a Neutron router
regardless of the current status of floating IPs. Floating IPs will
continue working even when SNAT is disabled.
List routers
~~~~~~~~~~~~
**GET** /routers
Lists neutron routers.
Success and error response codes are not changed with regards to the
operation as introduced by the L3 API extension.
When this extension is enabled, this operation also returns the current
Source NAT status for configured routers, as follows.
The response for the *show router* operation is the same, with the
obvious exception that a single router is returned.
**Example Router list with configurable external gateway modes
enabled**
.. code::
{
"routers":
[{
"status": "ACTIVE",
"external_gateway_info":
{"network_id": "3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat": true},
"name": "second_router",
"admin_state_up": true,
"tenant_id": "6b96ff0cb17a4b859e1e575d221683d3",
"id": "7177abc4-5ae9-4bb7-b0d4-89e94a4abf3b"
},
{
"status": "ACTIVE",
"external_gateway_info":
{"network_id": "3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat": false},
"name": "router1",
"admin_state_up": true,
"tenant_id": "33a40233088643acb66ff6eb0ebea679",
"id": "a9254bdb-2613-4a13-ac4c-adc581fba50d"
}]
}
Create router with external gateway
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**POST** /routers
Create a new Neutron router
Success and error response codes are not changed with regards to the
operation as introduced by the L3 API extension.
Neutron API users can specify whether SNAT should be performed on the
network specified as the router's external gateway by setting
``enable_snat`` in ``external_gateway_info`` to either ``True`` or
``False``; the default value is ``True``.
**Example Create router with SNAT disabled**
.. code::
POST /v2.0/routers
Accept: application/json
{
"router":
{
"name": "another_router",
"admin_state_up": true,
"external_gateway_info": {
"network_id": "3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat": false}
}
}
HTTP/1.1 201 OK
Content-Type: application/json; charset=UTF-8
{
"router":
{
"status": "ACTIVE",
"external_gateway_info": {
"network_id": "3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat": false}
"name": "another_router",
"admin_state_up": true,
"tenant_id": "6b96ff0cb17a4b859e1e575d221683d3",
"id": "8604a0de-7f6b-409a-a47c-a1cc7bc77b2e"
}
}
Update external gateway information for router
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
**PUT** /routers/``router_id``
Creates a neutron router.
Success and error response codes are not changed with regards to the
operation as introduced by the L3 API extension.
Neutron API users can enable or disable SNAT on a router specifying the
``enable_snat`` attribute in the ``external_gateway_info`` attribute for
the router resource. This operation can be either used for updating the
SNAT status only, the external network, or both attributes at the same
time. In any case, if the ``enable_snat`` attribute is not specified, it
will default to ``True``. For instance, if the current SNAT status is
disabled, and the router's gateway is updated to a different external
network without specifying ``enable_snat``, SNAT will be enabled for the
new network.
It is important to note that whenever updating a router's external
gateway information, the ``network_id``\ parameter must be specified
always, even if the final goal is just to enable or disable SNAT for the
router on the same external network.
The rest of this section provides some samples for updating a router's
external gateway info with SNAT mode.
**Example Disable SNAT for the current external network**
.. code::
{
"router":
{
"name": "another_router",
"admin_state_up": true,
"external_gateway_info": {
"network_id": "3c5bcddd-6af9-4e6b-9c3e-c153e521cab8"}
}
}
.. code::
{
"router":{
"status":"ACTIVE",
"external_gateway_info":{
"network_id":"3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat":true
},
"name":"another_router",
"admin_state_up":true,
"tenant_id":"6b96ff0cb17a4b859e1e575d221683d3",
"id":"8604a0de-7f6b-409a-a47c-a1cc7bc77b2e"
}
}
.. code::
{
"router":{
"status":"ACTIVE",
"external_gateway_info":{
"network_id":"3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat":false
},
"name":"another_router",
"admin_state_up":true,
"tenant_id":"6b96ff0cb17a4b859e1e575d221683d3",
"id":"8604a0de-7f6b-409a-a47c-a1cc7bc77b2e"
}
}
.. code::
{
"router":{
"external_gateway_info":{
"network_id":"3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat":false
}
}
}
**Example Change external network and enable SNAT**
.. code::
{
"router":
{
"name": "another_router",
"admin_state_up": true,
"external_gateway_info": {
"network_id": "3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat": false}
}
}
.. code::
{
"router":
{
"status": "ACTIVE",
"external_gateway_info": {
"network_id": "3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat": false},
"name": "another_router",
"admin_state_up": true,
"tenant_id": "6b96ff0cb17a4b859e1e575d221683d3",
"id": "8604a0de-7f6b-409a-a47c-a1cc7bc77b2e"
}
}
.. code::
{
"router":
{
"external_gateway_info": {
"network_id": "002ab3b9-9127-4158-be30-4b45f3814df5"}
}
}
.. code::
{
"router":
{
"status": "ACTIVE",
"external_gateway_info": {
"network_id": "002ab3b9-9127-4158-be30-4b45f3814df5",
"enable_snat": true},
"name": "another_router",
"admin_state_up": true,
"tenant_id": "6b96ff0cb17a4b859e1e575d221683d3",
"id": "8604a0de-7f6b-409a-a47c-a1cc7bc77b2e"
}
}
**Example Change external network and external-gateway SNAT
disabled**
.. code::
{
"router":
{
"name": "another_router",
"admin_state_up": true,
"external_gateway_info": {
"network_id": "3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat": false}
}
}
.. code::
{
"router":
{
"status": "ACTIVE",
"external_gateway_info": {
"network_id": "3c5bcddd-6af9-4e6b-9c3e-c153e521cab8",
"enable_snat": false},
"name": "another_router",
"admin_state_up": true,
"tenant_id": "6b96ff0cb17a4b859e1e575d221683d3",
"id": "8604a0de-7f6b-409a-a47c-a1cc7bc77b2e"
}
}
.. code::
{
"router":
{
"external_gateway_info": {
"network_id": "002ab3b9-9127-4158-be30-4b45f3814df5",
"enable_snat": false}
}
}
.. code::
{
"router":
{
"status": "ACTIVE",
"external_gateway_info": {
"network_id": "002ab3b9-9127-4158-be30-4b45f3814df5",
"enable_snat": false},
"name": "another_router",
"admin_state_up": true,
"tenant_id": "6b96ff0cb17a4b859e1e575d221683d3",
"id": "8604a0de-7f6b-409a-a47c-a1cc7bc77b2e"
}
}
View Git Blame Copy Permalink