百度智能云

All Product Document

          Elastic IP

          Initialization

          Confirm Endpoint

          When confirming the Endpoint configured when using SDK, you can read the part in API reference regarding API Service Domain Name, and understand Endpoint related concept. Baidu AI Cloud enables multi-region support currently, please see the description of Region Selection.

          Access region Corresponding Endpoint
          Beijing eip.bj.baidubce.com
          Guangzhou eip.gz.baidubce.com
          Suzhou eip.su.baidubce.com
          HongKong eip.hkg.baidubce.com
          WuHan eip.fwh.baidubce.com
          BaoDing eip.bd.baidubce.com

          Get the Key

          To use Baidu AI Cloud EIP, you need to have a valid AK (Access Key ID) and SK (Secret Access Key) for signature authentication. AK/SK is assigned by the system to users, both of which are strings, used to identify users, and perform signature authentication for accessing EIP. You can obtain and understand your AK/SK information through the following steps: Register Baidu AI Cloud Account Create AK/SK

          Create EipClient/EipGroupClient/EipBpClient

          EipClient is the client of Eip service, which provides a series of methods for the developer to interact with Eip service.

          Create EipClient/EipGroupClient/EipBpClient with AK/SK

          Access to Eip via AK/SK, and you can create a Client by reference to the following codes:

          public class Sample {
              public static void main(String[] args) {
                  String ACCESS_KEY_ID = <your-access-key-id>;                    // Users' Access Key ID 
                  String SECRET_ACCESS_KEY = <your-secret-access-key>;            // Users' Secret Access Key 
                  
                  // Initialize an EipClient 
                  BceClientConfiguration config = new BceClientConfiguration();
                  config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
                  EipClient client = new EipClient(config);
                   // Initialize an EipGroupClient
                  BceClientConfiguration config = new BceClientConfiguration();
                  config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
                  EipGroupClient client = new EipGroupClient(config);
                  
                  // Initialize an EipBpClient
                  BceClientConfiguration config = new BceClientConfiguration();
                  config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
                  EipBpClient client = new EipGroupClient(config);
              }
          }

          In the codes above, ACCESS_KEY_ID corresponds to "Access Key ID" in the console, SECRET_ACCESS_KEY corresponds to "Access Key Secret" in the console, for the way of obtaining, please see "Operation Guideline Manage ACCESSKEY".

          In the method above, the default domain name is used as Eip service address, and if you need to specify the domain name by yourself, you can specify it by introducing ENDPOINT parameter.

          String ACCESS_KEY_ID = <your-access-key-id>;                    // Users' Access Key ID 
           String SECRET_ACCESS_KEY = <your-secret-access-key>;            // Users' Secret Access Key 
           String ENDPOINT = <domain-name>;                                // You specify your own name 
          
           BceClientConfiguration config = new BceClientConfiguration();
           config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID,SECRET_ACCESS_KEY));
           config.setEndpoint(ENDPOINT);
           EipClient client = new EipClient(config);
            EipGroupClient client = new EipGroupClient(config);
           EipBpClient client = new EipBpClient(config);

          Note: The ENDPOINT parameter can only be defined with the specified domain name of the areas included. If not specified, it defaults to the Beijing area (http://eip.bj.baidubce.com).

          Create EipClient/EipGroupClient/EipBpClient with STS

          Apply for STS Token

          EIP can implement temporary authorized access by a third party through the STS mechanism. STS (Security Token Service) is a temporary authorization service provided by Baidu AI Cloud. With STS, you can issue a third-party user with a custom time-based and privileged access credential. The third-party user can use the access credential to directly call API or SDK of Baidu AI Cloud to access its resources.

          To access to EIP via STS, you need to apply for an authentication string via client of STS, for the application method, please see Introduction to Use of Baidu AI Cloud (STS).

          Create EipClient with STS Token

          After applying for STS, you can configure STStoken to EipClient, and you can create an EipClient by reference to the following codes:

          public class StsExample {
              private static final String STS_ENDPOINT = "http://sts.bj.baidubce.com";
              private static final String ACCESS_KEY_ID = "your accesskey id";
              private static final String SECRET_ACCESS_KEY = "your secret accesskey";
          
              public static void main(String[] args) {
                  BceCredentials credentials = new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY);
                  StsClient client = new StsClient(
                          new BceClientConfiguration().withEndpoint(STS_ENDPOINT).withCredentials(credentials)
                  );
                  GetSessionTokenResponse response = client.getSessionToken(new GetSessionTokenRequest());
                  // or simply call:
                  // GetSessionTokenResponse response = client.getSessionToken();
                  // or you can specify limited permissions with ACL:
                  // GetSessionTokenResponse response = client.getSessionToken(new GetSessionTokenRequest().withAcl("blabla"));
                  // build DefaultBceSessionCredentials object from response:
                  BceCredentials eipStsCredentials = new DefaultBceSessionCredentials(
                          response.getAccessKeyId(),
                          response.getSecretAccessKey(),
                          response.getSessionToken());
                  System.out.println("==================================");
                  System.out.println("GetSessionToken result:");
                  System.out.println("    accessKeyId:  " + response.getAccessKeyId());
                  System.out.println("    secretAccessKey:  " + response.getSecretAccessKey());
                  System.out.println("    securityToken:  " + response.getSessionToken());
                  System.out.println("    expiresAt:  " + response.getExpiration().toString());
                  System.out.println("==================================");
          
                  // build eip client
                  BceClientConfiguration config = new BceClientConfiguration();
                  config.setCredentials(eipStsCredentials);
                  EipClient eipClient = new EipClient(config);
                  EipGroupClient client = new EipGroupClient(config);
                  EipBpClient client = new EipBpClient(config);
              }
          }

          Note: When you configure client with STS currently, wherever the endpoint in the corresponding EIP service is, endpoint needs to be configured as http://sts.bj.baidubce.com.

          Configure HTTPS Protocol to Access to Eip/EipGroup/EipBp

          EIP supports HTTPS transmission protocol, and you can access to EIP service with HTTPS in EIP Java SDK in the following 2 ways.

          • Indicate https in endpoint
          String endpoint = "https://eip.bj.baidubce.com";
           String ak = "ak";
           String sk = "sk";
           BceClientConfiguration config = new BceClientConfiguration();
           config.setCredentials(new DefaultBceCredentials(ak, sk));
           EipClient client = new EipClient(config);
            EipGroupClient client = new EipGroupClient(config);
           EipBpClient client = new EipBpClient(config);
          • Set the https protocol by calling the setProtocol method
          String endpoint = "eip.bj.baidubce.com"; // endpoint does not contain protocol 
           String ak = "ak";
           String sk = "sk";
           BceClientConfiguration config = new BceClientConfiguration();
           config.setCredentials(new DefaultBceCredentials(ak, sk));
           config.setEndpoint(ENDPOINT);
           config.setProtocol(Protocol.HTTPS); // if it is not specified, use http 
           EipClient client = new EipClient(config);
            EipGroupClient client = new EipGroupClient(config);
           EipBpClient client = new EipBpClient(config);

          Note: If protocol is indicated in endpoint, the entry in endpoint takes effect, and a separate call to setProtocol () does not work.

          String endpoint = "http://eip.bj.baidubce.com";
           String ak = "ak";
           String sk = "sk";
           BceClientConfiguration config = new BceClientConfiguration();
           config.setCredentials(new DefaultBceCredentials(ak, sk));
           config.setEndpoint(ENDPOINT);    
           config.setProtocol(Protocol.HTTPS); // it has been indicated in endpoint that this is an invalid operation, which also applies to http. 
           EipClient client = new EipClient(config);
            EipGroupClient client = new EipGroupClient(config);
           EipBpClient client = new EipBpClient(config);

          Configure EipClient/EipGroupClient/EipBpClient

          If you need to configure some detailed parameters of EipClient, you can introduce BceClientConfiguration parameter when constructing EipClient, and you can configure agent, maximum connections and other parameters for the client.

          Use Agent

          The following codes enable the client to access to EIP service with agent.

          String ACCESS_KEY_ID = <your-access-key-id>;                    // Users' Access Key ID 
           String SECRET_ACCESS_KEY = <your-secret-access-key>;            // Users' Secret Access Key 
           String ENDPOINT = <domain-name>;                                // You specify your own name 
          
           // Create BceClientConfiguration instance 
           BceClientConfiguration config = new BceClientConfiguration();
          
           // Configure the agent as local 8080 port 
           config.setProxyHost("127.0.0.1");
           config.setProxyPort(8080);
          
           // Create EIP client 
           config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID,SECRET_ACCESS_KEY));
           config.setEndpoint(ENDPOINT);
           EipClient client = new EipClient(config);
            EipGroupClient client = new EipGroupClient(config);
           EipBpClient client = new EipBpClient(config);

          Using the code segment above, all operations of client are executed as an agent via the 8080 port of 127.0.0.1 address.

          For the agent with user authentication, the following code segment can be used to configure username and password:

          // Create BceClientConfiguration instance 
           BceClientConfiguration config = new BceClientConfiguration();
              
           // Configure the agent as local 8080 port 
           config.setProxyHost("127.0.0.1");
           config.setProxyPort(8080);
              
           // Set username and password 
           config.setProxyUsername(<username>);                              //Username 
           config.setProxyPassword(<password>);                              // Password 

          Set Network Parameters

          You can set the basic network parameters with BceClientConfiguration.

          BceClientConfiguration config = new BceClientConfiguration();
              
          // Set maximum connections of HTTP as 10.
          config.setMaxConnections(10);
              
          // Set TCP connection timeout as 5,000ms. 
          config.setConnectionTimeout(5000);
              
          // Set the time of Socket transmission data timeout as 2,000ms. 
          config.setSocketTimeout(2000);

          Parameter description All parameters that can be specified via BceClientConfiguration are listed as follows:

          Parameter Description
          UserAgent User agent, referring to the HTTP User-Agent header
          Protocol Connection protocol type
          ProxyDomain Windows domain name for access to NTLM verified proxy server
          ProxyHost Proxy server host address
          ProxyPort Proxy server port
          ProxyUsername User name for proxy server authentication
          ProxyPassword Password for proxy server authentication
          ProxyPreemptiveAuthenticationEnabled Whether to set up user agent authentication
          ProxyWorkstation Windows workstation name of the NTLM proxy server
          LocalAddress Local address
          ConnectionTimeoutInMillis Timeout for establishing a connection (unit: millisecond)
          SocketTimeoutInMillis Timeout for transmitting data over open connections (unit: millisecond)
          MaxConnections Maximum number of HTTP connections allowed to open
          RetryPolicy Connection retry policy
          SocketBufferSizeInBytes Socket buffer size
          Previous
          SDK Installation
          Next
          EIP Instance