Openstack 做為流行的開源雲計算平台,其最大特性是利用其提供的基礎設施API,讓我們可以以軟件的方式來動態管理IAAS資源。Openstack 提供的api是流行的Rest API.
閑話少說,我們來開始使用Openstack API。
前提:搭建Openstack 環境是必須,可以根據參考資料搭建一個單機虛擬機環境.
假設我們搭建的環境信息為:
物理服務器地址: 192.168.1.1
管理員用戶名:admin
管理員密碼:password
管理員租戶ID:3942bfc544a24f748788c06dbc486ffa
做好環境后,我們先驗證一下,API是否正常工作.使用Curl工具驗證;
curl -k -X 'POST' -v http://192.168.1.1:5000/v2.0/tokens -d '{"auth":{"passwordCredentials":{"username": "admin", "password":"password"}, "tenantId":"3942bfc544a24f748788c06dbc486ffa"}}' -H 'Content-type: application/json'
返回一串的json字符串:
View Code
1 { 2 "access" : { 3 "token" : { 4 "expires" : "2013-01-23T04:26:01Z", 5 "id" : "9bc5f651f5ff44329f67a5a33486fcf4", 6 "tenant" : { 7 "description" : null, 8 "enabled" : true, 9 "id" : "3942bfc544a24f748788c06dbc486ffa", 10 "name" : "admin" 11 } 12 }, 13 "serviceCatalog" : [ { 14 "endpoints" : [ { 15 "adminURL" : "http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa", 16 "region" : "RegionOne", 17 "internalURL" : "http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa", 18 "publicURL" : "http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa" 19 } ], 20 "endpoints_links" : [ ], 21 "type" : "compute", 22 "name" : "nova" 23 }, { 24 "endpoints" : [ { 25 "adminURL" : "http://192.168.1.1:9696/", 26 "region" : "RegionOne", 27 "internalURL" : "http://192.168.1.1:9696/", 28 "publicURL" : "http://192.168.1.1:9696/" 29 } ], 30 "endpoints_links" : [ ], 31 "type" : "network", 32 "name" : "quantum" 33 }, { 34 "endpoints" : [ { 35 "adminURL" : "http://192.168.1.1:9292/v2", 36 "region" : "RegionOne", 37 "internalURL" : "http://192.168.1.1:9292/v2", 38 "publicURL" : "http://192.168.1.1:9292/v2" 39 } ], 40 "endpoints_links" : [ ], 41 "type" : "image", 42 "name" : "glance" 43 }, { 44 "endpoints" : [ { 45 "adminURL" : "http://192.168.1.1:8776/v1/3942bfc544a24f748788c06dbc486ffa", 46 "region" : "RegionOne", 47 "internalURL" : "http://192.168.1.1:8776/v1/3942bfc544a24f748788c06dbc486ffa", 48 "publicURL" : "http://192.168.1.1:8776/v1/3942bfc544a24f748788c06dbc486ffa" 49 } ], 50 "endpoints_links" : [ ], 51 "type" : "volume", 52 "name" : "cinder" 53 }, { 54 "endpoints" : [ { 55 "adminURL" : "http://192.168.1.1:8773/services/Admin", 56 "region" : "RegionOne", 57 "internalURL" : "http://192.168.1.1:8773/services/Cloud", 58 "publicURL" : "http://192.168.1.1:8773/services/Cloud" 59 } ], 60 "endpoints_links" : [ ], 61 "type" : "ec2", 62 "name" : "ec2" 63 }, { 64 "endpoints" : [ { 65 "adminURL" : "http://192.168.1.1:8080/v1", 66 "region" : "RegionOne", 67 "internalURL" : "http://192.168.1.1:8080/v1/AUTH_3942bfc544a24f748788c06dbc486ffa", 68 "publicURL" : "http://192.168.1.1:8080/v1/AUTH_3942bfc544a24f748788c06dbc486ffa" 69 } ], 70 "endpoints_links" : [ ], 71 "type" : "object-store", 72 "name" : "swift" 73 }, { 74 "endpoints" : [ { 75 "adminURL" : "http://192.168.1.1:35357/v2.0", 76 "region" : "RegionOne", 77 "internalURL" : "http://192.168.1.1:5000/v2.0", 78 "publicURL" : "http://192.168.1.1:5000/v2.0" 79 } ], 80 "endpoints_links" : [ ], 81 "type" : "identity", 82 "name" : "keystone" 83 } ], 84 "user" : { 85 "username" : "admin", 86 "roles_links" : [ ], 87 "id" : "89b0ec701354421fa2284667d4175af7", 88 "roles" : [ { 89 "id" : "12833eaa4ff14e8ea1e1c2f96ea6f18d", 90 "name" : "KeystoneServiceAdmin" 91 }, { 92 "id" : "31e298db6ece43c2b85f21f2a696809e", 93 "name" : "admin" 94 }, { 95 "id" : "8cc376e9218a4068af4cb5a923c0f201", 96 "name" : "KeystoneAdmin" 97 }, { 98 "id" : "bb4d1cf04bcb4be59bb2b78f9a273a9c", 99 "name" : "ResellerAdmin" 100 } ], 101 "name" : "admin" 102 } 103 } 104 }
需要的是前面幾行:
{"access": {"token": {"expires": "2013-01-23T02:22:40Z", "id": "dba0a6722b86483e83b07e5556bafb02"...
其中的ID一項,即為我們以后認證需要的token,記下來:
X-Auth-Token:dba0a6722b86483e83b07e5556bafb02
其它的server 及region信息,是根據你的keystone配置,會將各個服務的訪問地址(endpoint)列出來,你可以從這里獲得Image,compute,volume等API接口訪問地址.
特別提醒:
認證的請求json字符串正確格式為:
{ "auth":{ "passwordCredentials":{ "username":"admin", "password":"password" }, "tenantId":"3942bfc544a24f748788c06dbc486ffa" } }
缺少了tenantId選項依然可以獲得token ,然而這樣的token只能在keystone組件中使用,當使用此token去nova 或者image組件認證時,會失敗(401錯誤)
而截止目前,官方api文檔
http://api.openstack.org/api-ref.html 為
tenantName (可選項),按此文檔請求會出現token不能在其它組件中認證的情況.
獲得正確的的tokens后,便可以參考官方的api參考頁面,測試其它的api了.
如instance 列表:
curl -v -H "X-Auth-Token:dba0a6722b86483e83b07e5556bafb02" http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa/servers
curl畢竟是命令行,比較麻煩,大家可以使用rest客戶端去操作。這里推存一個JAVA的:
下面我們通過API完成創建一個虛擬機的工作.
第一步:獲取鏡像列表:
協議為 GET http://192.168.1.1:9292/v1/images
這里使用Rest-client提交
我們選一個鏡像id: 03419abb-c27f-4dde-bc74-b8387d1ccb30
第二步:獲取虛擬機創建方案.
協議為: GET http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa/flavors
使用rest-client請求:
選取一個flavorid:100
第三步,創建虛擬機
協議:POST http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa/servers
BODY:
{ "server":{ "flavorRef":"100", "imageRef":"03419abb-c27f-4dde-bc74-b8387d1ccb30", "metadata":{ "My Server Name":"Apache1" }, "name":"new-server-test", "personality":[ { "contents":"", "path":"/etc/banner.txt" } ] } }
restclient 請求:
由於我的虛擬機資源用限,超出容量,所以創建失敗了。成功的請求是這樣的
{ "server":{ "adminPass":"MVk5HPrazHcG", "id":"5bbcc3c4-1da2-4437-a48a-66f15b1b13f9", "links":[ { "href":"http://openstack.example.com/v2/openstack/servers/5bbcc3c4-1da2-4437-a48a-66f15b1b13f9", "rel":"self" }, { "href":"http://openstack.example.com/openstack/servers/5bbcc3c4-1da2-4437-a48a-66f15b1b13f9", "rel":"bookmark" } ] } }
結果可以登錄http://192.168.1.1
用openstack 的Horizon的驗證。
其它的api可以參考Openstack的文檔完成了 http://api.openstack.org
常用工具
JSON格式化
<http://www.cnblogs.com/biangbiang/archive/2013/01/11/2856431.html>
Java REST Client
<http://rest-client.googlecode.com/>
Groovy RESTCLIENT (groovyx.net.http.RESTClient)
<http://groovy.codehaus.org/modules/http-builder/doc/rest.html>
HttpClient入門
<http://www.ibm.com/developerworks/cn/opensource/os-httpclient/>
<http://www.ibm.com/developerworks/cn/aix/library/au-aix-systemsdirector/section2.html>