|
Openstack 做为流行的开源云计算平台,其最大特性是利用其提供的基础设施API,让我们可以以软件的方式来动态管理IAAS资源。Openstack 提供的api是流行的Rest API.
闲话少说,我们来开始使用Openstack API。
前提:搭建Openstack 环境是必须,可以根据参考资料搭建一个单机虚拟机环境.
假设我们搭建的环境信息为:
物理服务器地址: 192.168.1.1
管理员用户名:admin
管理员密码:password
管理员租户ID:3942bfc544a24f748788c06dbc486ffa
做好环境后,我们先验证一下,API是否正常工作.使用Curl工具验证;
curl -k -X 'POST' -v http://192.168.1.1:5000/v2.0/tokens -d '{"auth":{"passwordCredentials":{"username": "admin", "password":"password"}, "tenantId":"3942bfc544a24f748788c06dbc486ffa"}}' -H 'Content-type: application/json'
返回一串的json字符串:
View Code
1 {
2 "access" : {
3 "token" : {
4 "expires" : "2013-01-23T04:26:01Z",
5 "id" : "9bc5f651f5ff44329f67a5a33486fcf4",
6 "tenant" : {
7 "description" : null,
8 "enabled" : true,
9 "id" : "3942bfc544a24f748788c06dbc486ffa",
10 "name" : "admin"
11 }
12 },
13 "serviceCatalog" : [ {
14 "endpoints" : [ {
15 "adminURL" : "http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa",
16 "region" : "RegionOne",
17 "internalURL" : "http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa",
18 "publicURL" : "http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa"
19 } ],
20 "endpoints_links" : [ ],
21 "type" : "compute",
22 "name" : "nova"
23 }, {
24 "endpoints" : [ {
25 "adminURL" : "http://192.168.1.1:9696/",
26 "region" : "RegionOne",
27 "internalURL" : "http://192.168.1.1:9696/",
28 "publicURL" : "http://192.168.1.1:9696/"
29 } ],
30 "endpoints_links" : [ ],
31 "type" : "network",
32 "name" : "quantum"
33 }, {
34 "endpoints" : [ {
35 "adminURL" : "http://192.168.1.1:9292/v2",
36 "region" : "RegionOne",
37 "internalURL" : "http://192.168.1.1:9292/v2",
38 "publicURL" : "http://192.168.1.1:9292/v2"
39 } ],
40 "endpoints_links" : [ ],
41 "type" : "image",
42 "name" : "glance"
43 }, {
44 "endpoints" : [ {
45 "adminURL" : "http://192.168.1.1:8776/v1/3942bfc544a24f748788c06dbc486ffa",
46 "region" : "RegionOne",
47 "internalURL" : "http://192.168.1.1:8776/v1/3942bfc544a24f748788c06dbc486ffa",
48 "publicURL" : "http://192.168.1.1:8776/v1/3942bfc544a24f748788c06dbc486ffa"
49 } ],
50 "endpoints_links" : [ ],
51 "type" : "volume",
52 "name" : "cinder"
53 }, {
54 "endpoints" : [ {
55 "adminURL" : "http://192.168.1.1:8773/services/Admin",
56 "region" : "RegionOne",
57 "internalURL" : "http://192.168.1.1:8773/services/Cloud",
58 "publicURL" : "http://192.168.1.1:8773/services/Cloud"
59 } ],
60 "endpoints_links" : [ ],
61 "type" : "ec2",
62 "name" : "ec2"
63 }, {
64 "endpoints" : [ {
65 "adminURL" : "http://192.168.1.1:8080/v1",
66 "region" : "RegionOne",
67 "internalURL" : "http://192.168.1.1:8080/v1/AUTH_3942bfc544a24f748788c06dbc486ffa",
68 "publicURL" : "http://192.168.1.1:8080/v1/AUTH_3942bfc544a24f748788c06dbc486ffa"
69 } ],
70 "endpoints_links" : [ ],
71 "type" : "object-store",
72 "name" : "swift"
73 }, {
74 "endpoints" : [ {
75 "adminURL" : "http://192.168.1.1:35357/v2.0",
76 "region" : "RegionOne",
77 "internalURL" : "http://192.168.1.1:5000/v2.0",
78 "publicURL" : "http://192.168.1.1:5000/v2.0"
79 } ],
80 "endpoints_links" : [ ],
81 "type" : "identity",
82 "name" : "keystone"
83 } ],
84 "user" : {
85 "username" : "admin",
86 "roles_links" : [ ],
87 "id" : "89b0ec701354421fa2284667d4175af7",
88 "roles" : [ {
89 "id" : "12833eaa4ff14e8ea1e1c2f96ea6f18d",
90 "name" : "KeystoneServiceAdmin"
91 }, {
92 "id" : "31e298db6ece43c2b85f21f2a696809e",
93 "name" : "admin"
94 }, {
95 "id" : "8cc376e9218a4068af4cb5a923c0f201",
96 "name" : "KeystoneAdmin"
97 }, {
98 "id" : "bb4d1cf04bcb4be59bb2b78f9a273a9c",
99 "name" : "ResellerAdmin"
100 } ],
101 "name" : "admin"
102 }
103 }
104 }
需要的是前面几行:
{"access": {"token": {"expires": "2013-01-23T02:22:40Z", "id": "dba0a6722b86483e83b07e5556bafb02"...
其中的ID一项,即为我们以后认证需要的token,记下来:
X-Auth-Token:dba0a6722b86483e83b07e5556bafb02
其它的server 及region信息,是根据你的keystone配置,会将各个服务的访问地址(endpoint)列出来,你可以从这里获得Image,compute,volume等API接口访问地址.
特别提醒:
认证的请求json字符串正确格式为:
{
"auth":{
"passwordCredentials":{
"username":"admin",
"password":"password"
},
"tenantId":"3942bfc544a24f748788c06dbc486ffa"
}
}
缺少了tenantId选项依然可以获得token ,然而这样的token只能在keystone组件中使用,当使用此token去nova 或者image组件认证时,会失败(401错误)
而截止目前,官方api文档http://api.openstack.org/api-ref.html 为
tenantName (可选项),按此文档请求会出现token不能在其它组件中认证的情况.
获得正确的的tokens后,便可以参考官方的api参考页面,测试其它的api了.
如instance 列表:
curl -v -H "X-Auth-Token:dba0a6722b86483e83b07e5556bafb02" http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa/servers
curl毕竟是命令行,比较麻烦,大家可以使用rest客户端去操作。这里推存一个JAVA的:
https://code.google.com/p/rest-client/
下面我们通过API完成创建一个虚拟机的工作.
第一步:获取镜像列表:
协议为 GET http://192.168.1.1:9292/v1/images
这里使用Rest-client提交
我们选一个镜像id: 03419abb-c27f-4dde-bc74-b8387d1ccb30
第二步:获取虚拟机创建方案.
协议为: GET http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa/flavors
使用rest-client请求:
选取一个flavorid:100
第三步,创建虚拟机
协议:POST http://192.168.1.1:8774/v2/3942bfc544a24f748788c06dbc486ffa/servers
BODY:
{
"server":{
"flavorRef":"100",
"imageRef":"03419abb-c27f-4dde-bc74-b8387d1ccb30",
"metadata":{
"My Server Name":"Apache1"
},
"name":"new-server-test",
"personality":[
{
"contents":"",
"path":"/etc/banner.txt"
}
]
}
}
restclient 请求:
由于我的虚拟机资源用限,超出容量,所以创建失败了。成功的请求是这样的
{
"server":{
"adminPass":"MVk5HPrazHcG",
"id":"5bbcc3c4-1da2-4437-a48a-66f15b1b13f9",
"links":[
{
"href":"http://openstack.example.com/v2/openstack/servers/5bbcc3c4-1da2-4437-a48a-66f15b1b13f9",
"rel":"self"
},
{
"href":"http://openstack.example.com/openstack/servers/5bbcc3c4-1da2-4437-a48a-66f15b1b13f9",
"rel":"bookmark"
}
]
}
}
结果可以登录http://192.168.1.1
用openstack 的Horizon的验证。
其它的api可以参考Openstack的文档完成了 http://api.openstack.org
常用工具
JSON格式化
Java REST Client
Groovy RESTCLIENT (groovyx.net.http.RESTClient)
HttpClient入门 |
|