Initialization

Last Updated：2020-08-05

Confirm Endpoint

When confirming the Endpoint configured when using SDK, you can read the part in API reference regarding API Service Domain Name, and understand Endpoint related concept. Baidu AI Cloud enables multi-region support currently, please see the description of Region Selection.

Access region	Corresponding Endpoint
Beijing	eip.bj.baidubce.com
Guangzhou	eip.gz.baidubce.com
Suzhou	eip.su.baidubce.com
HongKong	eip.hkg.baidubce.com
WuHan	eip.fwh.baidubce.com
BaoDing	eip.bd.baidubce.com

Get the Key

To use Baidu AI Cloud EIP, you need to have a valid AK (Access Key ID) and SK (Secret Access Key) for signature authentication. AK/SK is assigned by the system to users, both of which are strings, used to identify users, and perform signature authentication for accessing EIP. You can obtain and understand your AK/SK information through the following steps: Register Baidu AI Cloud Account Create AK/SK

Create EipClient/EipGroupClient/EipBpClient

EipClient is the client of Eip service, which provides a series of methods for the developer to interact with Eip service.

Create EipClient/EipGroupClient/EipBpClient with AK/SK

Access to Eip via AK/SK, and you can create a Client by reference to the following codes:

public class Sample {
    public static void main(String[] args) {
        String ACCESS_KEY_ID = <your-access-key-id>;                    // Users' Access Key ID 
        String SECRET_ACCESS_KEY = <your-secret-access-key>;            // Users' Secret Access Key 
        
        // Initialize an EipClient 
        BceClientConfiguration config = new BceClientConfiguration();
        config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
        EipClient client = new EipClient(config);
         // Initialize an EipGroupClient
        BceClientConfiguration config = new BceClientConfiguration();
        config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
        EipGroupClient client = new EipGroupClient(config);
        
        // Initialize an EipBpClient
        BceClientConfiguration config = new BceClientConfiguration();
        config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
        EipBpClient client = new EipGroupClient(config);
    }
}

In the codes above, ACCESS_KEY_ID corresponds to "Access Key ID" in the console, SECRET_ACCESS_KEY corresponds to "Access Key Secret" in the console, for the way of obtaining, please see "Operation Guideline Manage ACCESSKEY".

In the method above, the default domain name is used as Eip service address, and if you need to specify the domain name by yourself, you can specify it by introducing ENDPOINT parameter.

String ACCESS_KEY_ID = <your-access-key-id>;                    // Users' Access Key ID 
 String SECRET_ACCESS_KEY = <your-secret-access-key>;            // Users' Secret Access Key 
 String ENDPOINT = <domain-name>;                                // You specify your own name 

 BceClientConfiguration config = new BceClientConfiguration();
 config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID,SECRET_ACCESS_KEY));
 config.setEndpoint(ENDPOINT);
 EipClient client = new EipClient(config);
  EipGroupClient client = new EipGroupClient(config);
 EipBpClient client = new EipBpClient(config);

Note: The ENDPOINT parameter can only be defined with the specified domain name of the areas included. If not specified, it defaults to the Beijing area (http://eip.bj.baidubce.com).

Create EipClient/EipGroupClient/EipBpClient with STS

Apply for STS Token

EIP can implement temporary authorized access by a third party through the STS mechanism. STS (Security Token Service) is a temporary authorization service provided by Baidu AI Cloud. With STS, you can issue a third-party user with a custom time-based and privileged access credential. The third-party user can use the access credential to directly call API or SDK of Baidu AI Cloud to access its resources.

To access to EIP via STS, you need to apply for an authentication string via client of STS, for the application method, please see Introduction to Use of Baidu AI Cloud (STS).

Create EipClient with STS Token

After applying for STS, you can configure STStoken to EipClient, and you can create an EipClient by reference to the following codes:

public class StsExample {
    private static final String STS_ENDPOINT = "http://sts.bj.baidubce.com";
    private static final String ACCESS_KEY_ID = "your accesskey id";
    private static final String SECRET_ACCESS_KEY = "your secret accesskey";

    public static void main(String[] args) {
        BceCredentials credentials = new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY);
        StsClient client = new StsClient(
                new BceClientConfiguration().withEndpoint(STS_ENDPOINT).withCredentials(credentials)
        );
        GetSessionTokenResponse response = client.getSessionToken(new GetSessionTokenRequest());
        // or simply call:
        // GetSessionTokenResponse response = client.getSessionToken();
        // or you can specify limited permissions with ACL:
        // GetSessionTokenResponse response = client.getSessionToken(new GetSessionTokenRequest().withAcl("blabla"));
        // build DefaultBceSessionCredentials object from response:
        BceCredentials eipStsCredentials = new DefaultBceSessionCredentials(
                response.getAccessKeyId(),
                response.getSecretAccessKey(),
                response.getSessionToken());
        System.out.println("==================================");
        System.out.println("GetSessionToken result:");
        System.out.println("    accessKeyId:  " + response.getAccessKeyId());
        System.out.println("    secretAccessKey:  " + response.getSecretAccessKey());
        System.out.println("    securityToken:  " + response.getSessionToken());
        System.out.println("    expiresAt:  " + response.getExpiration().toString());
        System.out.println("==================================");

        // build eip client
        BceClientConfiguration config = new BceClientConfiguration();
        config.setCredentials(eipStsCredentials);
        EipClient eipClient = new EipClient(config);
        EipGroupClient client = new EipGroupClient(config);
        EipBpClient client = new EipBpClient(config);
    }
}

Note: When you configure client with STS currently, wherever the endpoint in the corresponding EIP service is, endpoint needs to be configured as http://sts.bj.baidubce.com.

Configure HTTPS Protocol to Access to Eip/EipGroup/EipBp

EIP supports HTTPS transmission protocol, and you can access to EIP service with HTTPS in EIP Java SDK in the following 2 ways.

Indicate https in endpoint

String endpoint = "https://eip.bj.baidubce.com";
 String ak = "ak";
 String sk = "sk";
 BceClientConfiguration config = new BceClientConfiguration();
 config.setCredentials(new DefaultBceCredentials(ak, sk));
 EipClient client = new EipClient(config);
  EipGroupClient client = new EipGroupClient(config);
 EipBpClient client = new EipBpClient(config);

Set the https protocol by calling the setProtocol method

String endpoint = "eip.bj.baidubce.com"; // endpoint does not contain protocol 
 String ak = "ak";
 String sk = "sk";
 BceClientConfiguration config = new BceClientConfiguration();
 config.setCredentials(new DefaultBceCredentials(ak, sk));
 config.setEndpoint(ENDPOINT);
 config.setProtocol(Protocol.HTTPS); // if it is not specified, use http 
 EipClient client = new EipClient(config);
  EipGroupClient client = new EipGroupClient(config);
 EipBpClient client = new EipBpClient(config);

Note: If protocol is indicated in endpoint, the entry in endpoint takes effect, and a separate call to setProtocol () does not work.

String endpoint = "http://eip.bj.baidubce.com";
 String ak = "ak";
 String sk = "sk";
 BceClientConfiguration config = new BceClientConfiguration();
 config.setCredentials(new DefaultBceCredentials(ak, sk));
 config.setEndpoint(ENDPOINT);    
 config.setProtocol(Protocol.HTTPS); // it has been indicated in endpoint that this is an invalid operation, which also applies to http. 
 EipClient client = new EipClient(config);
  EipGroupClient client = new EipGroupClient(config);
 EipBpClient client = new EipBpClient(config);

Configure EipClient/EipGroupClient/EipBpClient

If you need to configure some detailed parameters of EipClient, you can introduce BceClientConfiguration parameter when constructing EipClient, and you can configure agent, maximum connections and other parameters for the client.

Use Agent

The following codes enable the client to access to EIP service with agent.

String ACCESS_KEY_ID = <your-access-key-id>;                    // Users' Access Key ID 
 String SECRET_ACCESS_KEY = <your-secret-access-key>;            // Users' Secret Access Key 
 String ENDPOINT = <domain-name>;                                // You specify your own name 

 // Create BceClientConfiguration instance 
 BceClientConfiguration config = new BceClientConfiguration();

 // Configure the agent as local 8080 port 
 config.setProxyHost("127.0.0.1");
 config.setProxyPort(8080);

 // Create EIP client 
 config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID,SECRET_ACCESS_KEY));
 config.setEndpoint(ENDPOINT);
 EipClient client = new EipClient(config);
  EipGroupClient client = new EipGroupClient(config);
 EipBpClient client = new EipBpClient(config);

Using the code segment above, all operations of client are executed as an agent via the 8080 port of 127.0.0.1 address.

For the agent with user authentication, the following code segment can be used to configure username and password:

// Create BceClientConfiguration instance 
 BceClientConfiguration config = new BceClientConfiguration();
    
 // Configure the agent as local 8080 port 
 config.setProxyHost("127.0.0.1");
 config.setProxyPort(8080);
    
 // Set username and password 
 config.setProxyUsername(<username>);                              //Username 
 config.setProxyPassword(<password>);                              // Password

Set Network Parameters

You can set the basic network parameters with BceClientConfiguration.

BceClientConfiguration config = new BceClientConfiguration();
    
// Set maximum connections of HTTP as 10.
config.setMaxConnections(10);
    
// Set TCP connection timeout as 5,000ms. 
config.setConnectionTimeout(5000);
    
// Set the time of Socket transmission data timeout as 2,000ms. 
config.setSocketTimeout(2000);

Parameter description All parameters that can be specified via BceClientConfiguration are listed as follows:

Parameter	Description
UserAgent	User agent, referring to the HTTP User-Agent header
Protocol	Connection protocol type
ProxyDomain	Windows domain name for access to NTLM verified proxy server
ProxyHost	Proxy server host address
ProxyPort	Proxy server port
ProxyUsername	User name for proxy server authentication
ProxyPassword	Password for proxy server authentication
ProxyPreemptiveAuthenticationEnabled	Whether to set up user agent authentication
ProxyWorkstation	Windows workstation name of the NTLM proxy server
LocalAddress	Local address
ConnectionTimeoutInMillis	Timeout for establishing a connection (unit: millisecond)
SocketTimeoutInMillis	Timeout for transmitting data over open connections (unit: millisecond)
MaxConnections	Maximum number of HTTP connections allowed to open
RetryPolicy	Connection retry policy
SocketBufferSizeInBytes	Socket buffer size

SDK Installation

EIP Instance

百度智能云

Elastic IP