Upload
stackops
View
1.757
Download
2
Embed Size (px)
DESCRIPTION
Openstack se ha convertido en los últimos meses en uno de los proyectos de software de gestión de Infraestructuras como Servicio más populares. Sin embargo, puede ser una bestia difícil de domar. Para sacarle jugo al máximo lo mejor es usar la plataforma a través de sus APIs.En esta charla veremos las posibilidades de la plataforma usando los APIs específicos de Openstack, y compararemos con los APIs compatibles con Amazon EC2 y Eucalyptus que también ofrece la plataforma.
Citation preview
Openstack Nova APIs
Diego Parrilla
Diego [email protected]
¿Quién Soy?
Diego ParrillaStackops CEO & Founder
twitter.com/nubeblogwww.stackops.com
twitter.com/stackops
Diego [email protected]
La infraestructura ya no es una ventaja competitiva
3
La infraestructura ya no es necesaria
Se buscan formas pago por su uso
Las formas de pago deben ser de alta granularidad
Debe ser muy elástica, ¡igual tenemos éxito!
Así aparece la Infraestructura como Servicio
Diego [email protected]
Las empresas empiezan a ‘infectarse’
4
Tecnologías que usan IaaS y no ‘hierro’
Procesos de gestión adaptadas al IaaS: metodologías ágiles.
La aplicación prevalece sobre la infraestructura
Ingenieros con perfiles nuevos e ideas diferentes (Devops)
Diego [email protected]
Software to provision virtual machines on standard hardware at massive scale
Software to reliably store billions of objects distributed across standard hardware
OpenStack Compute
OpenStack Object Storage
A community creating open source software to build public and private clouds
Diego [email protected]
OpenStack Community Today
Diego [email protected]
Company launched in March 2011 Figures
Total Downloads >22000
Platforms deployed with our distro (15/3/2012) >14000
Clients registered (15/3/2012) >3000
Diego [email protected]
SysAdmins Python developers Java developers FrontEnd developers (ExtJS)
Diego [email protected]
¿Qué es un DevOp? Conjunto de principios, métodos y prácticas para la colaboración e integración entre
desarrolladores y operaciones.
Combinación de ‘developer’ y ‘operations’
Operaciones programadas usando este tipo de plataformas y herramientas.
De operaciones reactivas, a unas más ágiles y automatizadas.
Meta: producir software y/o servicios más rápida y eficientemente.
9
Diego [email protected]
Diseño de soluciones Los desarrolladores ganan poder en el diseño de las soluciones.
La aplicación dicta sus propias necesidades de recursos.
Desarrollo ‘pasa el marrón’ a Operaciones.
Operaciones se defiende poniendo barreras. Actitud defensiva.
Para evitarlo el ecosistema de la app debe gestionarse por software.
10
Diego [email protected]
Mantenimiento automatizado Aparecen nuevas herramientas que automatizan tareas cotidianas de los
SysAdmins
Herramientas que se programan como si fuera un Framework más: Chef,
Puppet,
Fabric…
Sistemas que se gestionan como servicios mediante APIS.
11
Diego [email protected]
Cloud Users
Platform Admins
Northbridge APIs
Southbridge APIs
EC2 Openstack Glance
Keystone
Admin StackOps
Quantum
Diego [email protected]
http://api.openstack.org
Diego [email protected]
Diego [email protected]
Solicitar token a Keystonecurl -s -d
"{\"auth\":{\"passwordCredentials\": {\"username\": \"$NOVA_USERNAME\", \"password\": \"$NOVA_API_KEY\"}}}" -H "Content-type: application/json" http://$HOST_IP:5000/v2.0/tokens
{"access": {"token": {"expires": "2012-03-24T11:38:43", "id": "8fd10194-5e6c-41f6-9301-f83a1fcff9c7"}, "user": {"id": "1", "roles": [{"id": "1", "name": "Admin"}, {"id": "3", "name": "KeystoneAdmin"}, {"id": "4", "name": "KeystoneServiceAdmin"}], "name": "admin"}}}
Diego [email protected]
Usando el token con Glance (I)IMAGE_NAME='ttylinux-uec-amd64-12.1_2.6.35-22_1’
tar -zxf ./$IMAGE_NAME.tar.gz -C /tmp/images
RVAL=`glance add -A $AUTH_TOKEN name="ttylinux-kernel" is_public=true container_format=aki disk_format=aki < /tmp/images/$IMAGE_NAME-vmlinuz*`
KERNEL_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "`
glance add -A $AUTH_TOKEN name="ttylinux" is_public=true container_format=ami disk_format=ami kernel_id=$KERNEL_ID < /tmp/images/$IMAGE_NAME.img
root@nova-controller:/var/lib/stackops# glance index -A $AUTH_TOKEN
ID Name Disk Format Container Format Size
---------------- ------------------------------ -------------------- -------------------- --------------
10 ttylinux ami ami 25165824
9 ttylinux-kernel aki aki 4404752
root@nova-controller:/var/lib/stackops#
Diego [email protected]
Usando el token con Glance (II)curl -H "X-Auth-Token:$AUTH_TOKEN" http://GLANCE_HOST:9292/v1/images
{"images":
[{"name": "ttylinux", "container_format": "ami", "disk_format": "ami", "checksum": "10047a119149e08fb206eea89832eee0", "id": 10, "size": 25165824},
{"name": "ttylinux-kernel", "container_format": "aki", "disk_format": "aki", "checksum": "3ed2965d3f8d877a3ee3e061fd648e9a", "id": 9, "size": 4404752}]
}
Diego [email protected]
EC2 Query API vs Openstack API
Diego [email protected]
EC2 Query API Basada en GET y POST + Parámetros
Cada petición debe ir firmada
Message Authentication Code (HMAC) con función hash SHA-1
?Action=DescribeImages
&AWSAccessKeyId=10QMXFEV71ZS32XQFTR2
&SignatureVersion=1
&Timestamp=2006-12-08T07%3A48%3A03Z
&Version=2007-01-03
&Signature=GjH3941IBe6qsgQu%2Bk7FpCJjpnc%3D
Diego [email protected]
Openstack API REST
Basada en el API de Rackspace
Extensible: Quantum
System Usage
?Action=DescribeImages
&AWSAccessKeyId=10QMXFEV71ZS32XQFTR2
&SignatureVersion=1
&Timestamp=2006-12-08T07%3A48%3A03Z
&Version=2007-01-03
Diego [email protected]
Obtener lista de servicios del tenant Necesitamos username, password y tenantIdcurl -s -d "{\"auth\":{\"passwordCredentials\":
{\"username\": \"$NOVA_USERNAME\", \"password\": \"$NOVA_API_KEY\"}, \"tenantId\":\”$TENANT_ID\"}}" -H "Content-type: application/json" http://$HOST_IP:5000/v2.0/tokens
{"access":
{"token": {"expires": "2015-02-05T00:00:00", "id": "999888777666", "tenant": {"id": "1", "name": "admin”}},
"serviceCatalog": [
{"endpoints": [{"adminURL": "http://10.0.2.15:8774/v1.1/1", "region": "nova", "internalURL": "http://10.0.2.15:8774/v1.1/1", "publicURL": "http://10.0.2.15:80/v1.1/1"}], "type": "compute", "name": "nova"},
{"endpoints": [{"adminURL": "http://10.0.2.15:9292/v1.1/1", "region": "nova", "internalURL": "http://10.0.2.15:9292/v1.1/1", "publicURL": "http://10.0.2.15:9292/v1.1/1"}], "type": "image", "name": "glance"},
{"endpoints": [{"adminURL": "http://10.0.2.15:35357/v2.0", "region": "nova", "internalURL": "http://10.0.2.15:5000/v2.0", "publicURL": "http://10.0.2.15:5000/v2.0"}], "type": "identity", "name": "keystone"}],
"user": {"id": "1", "roles": [{"tenantId": "1", "id": "1", "name": "Admin"}, {"id": "1", "name": "Admin"}, {"id": "3", "name": "KeystoneAdmin"}, {"id": "4", "name": "KeystoneServiceAdmin"}], "name": "admin"}}}
Diego [email protected]
Obtener lista de imagenes disponibles Necesitamos el tokencurl -i http://10.0.2.15:80/v1.1/1/images/detail -H "X-Auth-Token: 999888777666"
{"images":
[{"status": "ACTIVE", "updated": "2012-03-23T12:06:15Z", "name": "ttylinux", "links": [{"href": "http://10.0.2.15/v1.1/1/images/10", "rel": "self"}, {"href": "http://10.0.2.15/1/images/10", "rel": "bookmark"}], "created": "2012-03-23T12:06:14Z", "progress": 100, "id": "10", "metadata": {"kernel_id": "9", "min_disk": 0, "min_ram": 0, "owner": null}},
{"status": "ACTIVE", "updated": "2012-03-23T12:06:13Z", "name": "ttylinux-kernel", "links": [{"href": "http://10.0.2.15/v1.1/1/images/9", "rel": "self"}, {"href": "http://10.0.2.15/1/images/9", "rel": "bookmark"}], "created": "2012-03-23T12:06:13Z", "progress": 100, "id": "9", "metadata": {"min_disk": 0, "owner": null, "min_ram": 0}}]}
Diego [email protected]
Obtener lista de ‘sabores’ disponibles Necesitamos el tokencurl -i http://10.0.2.15:80/v1.1/1/flavors -H "X-Auth-Token: 999888777666"
{"flavors":
[{"id": 3, "links": [{"href": "http://10.0.2.15/v1.1/1/flavors/3", "rel": "self"}, {"href": "http://10.0.2.15/1/flavors/3", "rel": "bookmark"}], "name": "m1.medium"}, {"id": 4, "links": [{"href": "http://10.0.2.15/v1.1/1/flavors/4", "rel": "self"}, {"href": "http://10.0.2.15/1/flavors/4", "rel": "bookmark"}],"name": "m1.large"}, {"id": 1, "links": [{"href": "http://10.0.2.15/v1.1/1/flavors/1", "rel": "self"}, {"href": "http://10.0.2.15/1/flavors/1", "rel": "bookmark"}], "name": "m1.tiny"}, {"id": 5, "links": [{"href": "http://10.0.2.15/v1.1/1/flavors/5", "rel": "self"}, {"href": "http://10.0.2.15/1/flavors/5", "rel": "bookmark"}], "name": "m1.xlarge"}, {"id": 2, "links": [{"href": "http://10.0.2.15/v1.1/1/flavors/2", "rel": "self"}, {"href": "http://10.0.2.15/1/flavors/2", "rel": "bookmark"}], "name": "m1.small"}]}
Diego [email protected]
Obtener informacion m1.tiny Necesitamos el token la referencia a la m1.tinycurl -i http://10.0.2.15:80/v1.1/1/flavors/1 -H "X-Auth-Token: 999888777666"
{"flavor": {"rxtx_quota": 0, "name": "m1.tiny", "links": [{"href": "http://10.0.2.15/v1.1/1/flavors/1", "rel": "self"},
{"href": "http://10.0.2.15/1/flavors/1", "rel": "bookmark"}], "ram": 512, "vcpus": 1, "rxtx_cap": 0, "swap": 0, "disk": 0, "id": 1}}
Diego [email protected]
Arrancar una VM m1.tiny con ttylinux Necesitamos el token, la referencia a la m1.tiny y a la imagen ttylinuxcurl -i http://10.0.2.15:80/v1.1/1/servers -X POST -d ' {"server": {"flavorRef":
"1", "name": "Test3", "imageRef": „10"}}' -H "X-Auth-Token: 999888777666" -H "Accept: application/json" -H "Content-type: application/json"
{"server": {"status": "BUILD", "updated": "2012-03-24T01:29:40Z", "hostId": "", "user_id": "admin", "name": "Test3", "links": [{"href": "http://10.0.2.15/v1.1/1/servers/3", "rel": "self"}, {"href": "http://10.0.2.15/1/servers/3", "rel": "bookmark"}], "addresses": {}, "tenant_id": "1", "image": {"id": “10", "links": [{"href": "http://10.0.2.15/1/images/10", "rel": "bookmark"}]},….: {}}}
Diego [email protected]
Ver el estado del despliegue de la VM Necesitamos el token y el ID de la VMcurl -i http://10.0.2.15:80/v1.1/1/servers/3 -H "X-Auth-Token: 999888777666"
{"server": {"status": "ACTIVE", "updated": "2012-03-24T01:29:48Z", "hostId": "0efed51f62cbab80576f1d3e4c540a35d5aaa76dab99fe6a2aabf838", "user_id": "admin", "name": "Test3", "links": [{"href": "http://10.0.2.15/v1.1/1/servers/3", "rel": "self"}, {"href": "http://10.0.2.15/1/servers/3", "rel": "bookmark"}], "addresses": {"service": [{"version": 4, "addr": "10.0.0.4"}]}, "tenant_id": "1", "image": {"id": “10", "links": [{"href": "http://10.0.2.15/1/images/10", "rel": "bookmark"}]}, "created": "2012-03-24T01:29:40Z", "uuid": "c404217a-fccf-41ce-969f-3e442c4e1b92", ……}}
Diego [email protected]
Terminar y borrar una VM Necesitamos el token y el UUID (No el ID) de la VMcurl -i http://10.0.2.15:80/v1.1/1/servers/632b9f58-20f3-4c95-9dca-bbae8c9e02b8 -X
DELETE -H "X-Auth-Token: 999888777666"
HTTP/1.1 204 No Content
Diego [email protected]
¡Muchas Gracias!
www.openstack.org
docs.openstack.org
apis.openstack.org
wiki.openstack.org
docs.stackops.org