So I'm exploring the API for Openstack to see how I can extract information from an Openstack platform.
I found the examples can be found here. While the API is located here.
This could be useful as in the future I could script a networking device (Switch, Router, Firewall, etc) to automate and provision services whenever a new tenant is built.
The idea is to self provision itself. For example when a new tenant is created, a switch can access Openstack, find out what network name was configured, which vlan id assigned and a what ip subnet configured.
So the first step is to authenticate to the Openstack Server and retrieve a temporary token.
host1#curl -d '{"auth":{"passwordCredentials":{"username": "admin","password": "mypassword"},"tenantName": "admin"}}' -H "Content-Type: application/js
on" http://x.x.x.x:5000/v2.0/tokens | python -mjson.tool
What comes back is a json response that needs to be parsed. I piped the python module "python -mjson.tool" to parse the contents.
What I get in return looks similar to this:
{
"access": {
"metadata": {
"is_admin": 0,
"roles": [
"3e2b3771096e4a95b39f3832c19679df"
]
},
"serviceCatalog": [
{
"endpoints": [
{
....
}
],
"token": {
"expires": "2014-07-10T19:31:10Z",
"id": "14213fjgiod2341vcrt46b9674f",
"issued_at": "2014-07-09T19:31:10.700433",
"tenant": {
"description": "admin tenant",
"enabled": true,
"id": "3a10de8a82444118865a6398b336ee68",
"name": "admin"
}
},
"user": {
"id": "be246bdf3e01493d8d75bf3938e1bffc",
"name": "admin",
"roles": [
{
"name": "admin"
}
],
"roles_links": [],
"username": "admin"
}
}
}
Now you can see that the token "expires" and this will mean that you will need to request tokens every so often for security purposes.
After this you'll need the token id so you can make further requests.
Next assign your token to a variable.
host1# MyToken=14213fjgiod2341vcrt46b9674f
host1# echo $MyToken
14213fjgiod2341vcrt46b9674f
Then you can use the token to request further information:
host1#curl -s -H "X-Auth-Token: $MyToken" http://x.x.x.x:9696/v2.0/networks | python -mjson.tool
{
"networks": [
{
"admin_state_up": true,
"id": "0b6ed891-a9ae-4c5a-a7f9-36e851bf1d48",
"name": "Network1",
"provider:network_type": "local",
"provider:physical_network": null,
"provider:segmentation_id": null,
"router:external": false,
"shared": false,
"status": "ACTIVE",
"subnets": [
"d4bf516f-135c-4c7f-ba7e-363cb6c7d307"
],
"tenant_id": "3a10de8a82444118865a6398b336ee68"
}
}
With this information I can do a get on the subnet:
/v2.0/subnets/{subnet_id}
# curl -s -H "X-Auth-Token: $MyToken" http://x.x.x.x:9696/v2.0/subnets/d4bf516f-135c-4c7f-ba7e-363cb6c7d307 | python -mjson.tool
{
"subnet": {
"allocation_pools": [
{
"end": "20.20.0.20",
"start": "20.20.0.10"
}
],
"cidr": "20.20.0.0/24",
"dns_nameservers": [
"198.6.1.1"
],
"enable_dhcp": true,
"gateway_ip": "20.20.0.1",
"host_routes": [],
"id": "d4bf516f-135c-4c7f-ba7e-363cb6c7d307",
"ip_version": 4,
"name": "Network1",
"network_id": "0b6ed891-a9ae-4c5a-a7f9-36e851bf1d48",
"tenant_id": "3a10de8a82444118865a6398b336ee68"
}
}
So with this information I can basically extract the cidr and gateway_ip to populate a gateway router.
No comments:
Post a Comment