티스토리 뷰

Cloud/Private Cloud

cURL with OpenStack

Jacob_baek 2021. 4. 9. 22:21

OpenStack API 요청을 cURL로 확인해야할 일이 있어 간단히 script으로 정리해보았다.

step by step

cURL과 같은 cli 기반의 요청을 위해서는 먼저 token 정보가 필요하다.
먼저 token을 가져오는 아래와 같은 요청을 먼저 수행하자.

우선 수행을 위해서는 당연하게도 openrc 파일내에 선언된 환경변수가 필요하다.

[root@deploy ~]# source admin-openrc.sh
[root@deploy ~]# curl -v -s -X POST $OS_AUTH_URL/auth/tokens?nocatalog  \
 -H "Content-Type: application/json" \
 -d '{ "auth": { "identity": { "methods": ["password"],"password": {"user": {"domain": {"name": "'"$OS_USER_DOMAIN_NAME"'"},"name": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"} } }, "scope": { "project": { "domain": { "name": "'"$OS_PROJECT_DOMAIN_NAME"'" }, "name":  "'"$OS_PROJECT_NAME"'" } } }}' \
 | python -m json.tool

실제 명령을 실행하게 되면 아래와 같은 X-Subject-Token field를 포함한 결과를 얻게 된다.

[root@deploy ~]# curl -v -s -X POST $OS_AUTH_URL/auth/tokens?nocatalog  \
>  -H "Content-Type: application/json" \
>  -d '{ "auth": { "identity": { "methods": ["password"],"password": {"user": {"domain": {"name": "'"$OS_USER_DOMAIN_NAME"'"},"name": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"} } }, "scope": { "project": { "domain": { "name": "'"$OS_PROJECT_DOMAIN_NAME"'" }, "name":  "'"$OS_PROJECT_NAME"'" } } }}' \
> | python -m json.tool
* About to connect() to openstack.jacobbaek.com port 5000 (#0)
*   Trying 192.168.1.100...
* Connected toopenstack.jacobbaek.com (192.168.1.100) port 5000 (#0)
> POST /v3/auth/tokens?nocatalog HTTP/1.1
> User-Agent: curl/7.29.0
> Host: openstack.jacobbaek.com:5000
> Accept: */*
> Content-Type: application/json
> Content-Length: 241
>
} [data not shown]
* upload completely sent off: 241 out of 241 bytes
< HTTP/1.1 201 Created
< Date: Wed, 23 Dec 2020 07:39:54 GMT
< Server: Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
< X-Subject-Token: gBBBBAAf4vRK0j3WcTqjf7U3Tlrl8aogrqh_i4B1p4ynHHMc3iIGe-e_QsUduiv_e3XIf9jVt_4biEDRCoSs--yo858R2egFwzUOM8KeCVPcC8PEHE9i73xFVyJA9NfUminy8Ed60s5SWD0kanygIQxxEFAeDY3Vs7oZ4jTy5imyAcFWgIsIXmE
< Vary: X-Auth-Token
< x-openstack-request-id: req-8223f69c-d96c-408f-bd6b-5247bae7115c
< Content-Length: 650
< Content-Type: application/json

NOTE
openstack command 를 활용하여 token 발행도 가능하다.

[root@deploy ~]# openstack token issue
+------------+------------------------------------------------------------------------+
| Field      | Value                                                                  |
+------------+------------------------------------------------------------------------+
| expires    | 2021-07-10T02:31:32+0000                                               |
| id         | gXXXXXXBg66xXxxQbeb4PpLf6nul5OC4IPY--xXXXxXzBdUxxxx1xxx1xx-xX1XXX1     |
| project_id | 1111111c5257418xx7903x2046111xx1                                       |
| user_id    | xxxx1111xxxx1111xx1x1x11xx1xx1xx                                       |
+------------+------------------------------------------------------------------------+​

위와 같이 발행된 ID를 사용해도 api 호출이 가능하다.

이제 앞서 이야기한 X-Subject-Token을 복사하여 환경변수로 설정해보자.

[root@deploy ~]# OS_TOKEN="gBBBBAAf4vRK0j3WcTqjf7U3Tlrl8aogrqh_i4B1p4ynHHMc3iIGe-e_QsUduiv_e3XIf9jVt_4biEDRCoSs--yo858R2egFwzUOM8KeCVPcC8PEHE9i73xFVyJA9NfUminy8Ed60s5SWD0kanygIQxxEFAeDY3Vs7oZ4jTy5imyAcFWgIsIXmE"

 

NOTE
물론 환경변수 지정안하고 바로 cURL 명령상에 넣어도 무방하다.

이후 아래와 같이 cURL을 통해 header에 앞서 지정한 Token정보를 포함시켜 OpenStack API 호출을 해볼수 있다.

[root@deploy ~]# curl -s -H "X-Auth-Token: $OS_TOKEN" "openstack.jacobbaek.com:8776/v2/32ebd527c20944e59718849360b772c2/volumes/2aa5d100-4404-4dd5-8f5f-d18af800a4an"
{"volume": {"migration_status": null, "attachments": [], "links": [{"href": "http://openstack.jacobbaek.com:8776/v2/32ebd527c20944e59718849360b772c2/volumes/2aa5d100-4404-4dd5-8f5f-d18af800a4an", "rel": "self"}, {"href": "http://openstack.jacobbaek.com:8776/32ebd527c20944e59718849360b772c2/volumes/2aa5d100-4404-4dd5-8f5f-d18af800a4an", "rel": "bookmark"}], "availability_zone": "nova", "os-vol-host-attr:host": "openstack.jacobbaek.com@ceph#RBD", "encrypted": false, "updated_at": "2021-04-06T09:35:51.000000", "replication_status": null, "snapshot_id": null, "id": "2aa5d100-4404-4dd5-8f5f-d18af800a4an", "size": 30, "user_id": "ec7e1fb83ba24036bc971d0ba05146b1", "os-vol-tenant-attr:tenant_id": "32ebd527c20944e59718849360b772c2", "os-vol-mig-status-attr:migstat": null, "metadata": {}, "status": "available", "volume_image_metadata": {"checksum": "9f5a31870d75669527e3d0460b017353", "min_ram": "0", "disk_format": "raw", "image_name": "ubuntu-20.04.LTS", "image_id": "33727ed6-9cf0-46f3-96b3-d9760365e993", "container_format": "bare", "min_disk": "0", "size": "2361393152"}, "description": "", "multiattach": false, "source_volid": null, "consistencygroup_id": null, "os-vol-mig-status-attr:name_id": null, "name": "", "bootable": "true", "created_at": "2021-04-06T09:35:46.000000", "volume_type": null}}

참고로 아래와 같은 api browsing site를 통해 api example을 확인할수 있다.

NOTE
참고로 호출할 API의 version을 정확하게 확인하고 수행하는것이 좋다.
버전마다 호출URL의 구성이 상이할수 있다.

script

아무래도 여러번의 과정이 거쳐져서 각 명령을 지속적으로 입력하는 불편함이 있어 이를 조금이나마 간편화 시키는 방법을 정리해본다.

[root@deploy ~]# OS_TOKEN=`curl -isX POST $OS_AUTH_URL/auth/tokens?nocatalog -H "Content-Type: application/json"  -d '{ "auth": { "identity": { "methods": ["password"],"password": {"user": {"domain": {"name": "'"$OS_USER_DOMAIN_NAME"'"},"name": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"} } }, "scope": { "project": { "domain": { "name": "'"$OS_PROJECT_DOMAIN_NAME"'" }, "name":  "'"$OS_PROJECT_NAME"'" } } }}' | grep X-Subject-Token | awk '{print $2}'`
[root@deploy ~]# alias oscurl='curl -s -H "X-Auth-Token: $OS_TOKEN"'

이후 alias로 등록한 oscurl 명령을 사용하여 손쉽게 url 호출을 수행할 수 있다.

[root@deploy ~]# oscurl http://openstack.jacobbaek.com:8776/v2/32ebd527c20944e59718849360b772c2/volumes/2aa5d100-4404-4dd5-8f5f-d18af800a4an
{"volume": {"migration_status": null, "attachments": [], "links": [{"href": "http://openstack.jacobbaek.com:8776/v2/32ebd527c20944e59718849360b772c2/volumes/2aa5d100-4404-4dd5-8f5f-d18af800a4an", "rel": "self"}, {"href": "http://openstack.jacobbaek.com:8776/32ebd527c20944e59718849360b772c2/volumes/2aa5d100-4404-4dd5-8f5f-d18af800a4an", "rel": "bookmark"}], "availability_zone": "nova", "os-vol-host-attr:host": "openstack.jacobbaek.com@ceph#RBD", "encrypted": false, "updated_at": "2021-04-06T09:35:51.000000", "replication_status": null, "snapshot_id": null, "id": "2aa5d100-4404-4dd5-8f5f-d18af800a4an", "size": 30, "user_id": "ec7e1fb83ba24036bc971d0ba05146b1", "os-vol-tenant-attr:tenant_id": "32ebd527c20944e59718849360b772c2", "os-vol-mig-status-attr:migstat": null, "metadata": {}, "status": "available", "volume_image_metadata": {"checksum": "9f5a31870d75669527e3d0460b017353", "min_ram": "0", "disk_format": "raw", "image_name": "ubuntu-20.04.LTS", "image_id": "33727ed6-9cf0-46f3-96b3-d9760365e993", "container_format": "bare", "min_disk": "0", "size": "2361393152"}, "description": "", "multiattach": false, "source_volid": null, "consistencygroup_id": null, "os-vol-mig-status-attr:name_id": null, "name": "", "bootable": "true", "created_at": "2021-04-06T09:35:46.000000", "volume_type": null}}

API lists

앞서는 token 기반 데이터를 추가/삭제/조회 하기 위한 기본 과정을 알아보았고
이제 위 과정상에 호출되는 데이터 추가/삭제/조회를 아래 링크에서 제공되는 API URL로 접근 해볼수 있다.

참고로 openstack component들은 port 및 URL 주소를 다르게 가진다.
하여 아래와 같은 명령으로 url 정보를 확인할 수 있다.

[root@deploy ~]# openstack endpoint list -c URL -c "Service Type"
+----------------+-----------------------------------------------------------------+
| Service Type   | URL                                                             |
+----------------+-----------------------------------------------------------------+
| orchestration  | http://openstack.jacobbaek.com:8004/v1/%(tenant_id)s            |
| object-store   | http://ceph.jacobbaek.com:7480/swift/v1/AUTH_%(project_id)s     |
| cloudformation | http://openstack.jacobbaek.com:8000                             |
| object-store   | http://ceph.jacobbaek.com:7480/swift/v1/AUTH_%(project_id)s     |
| alarming       | http://openstack.jacobbaek.com:8042                             |
| identity       | http://openstack.jacobbaek.com:5000/v3/                         |
| network        | http://openstack.jacobbaek.com:9696                             |
| network        | http://openstack.jacobbaek.com:9696                             |
| volumev2       | http://openstack.jacobbaek.com:8776/v2/%(project_id)s           |
| key-manager    | http://openstack.jacobbaek.com:9311                             |
| load-balancer  | http://openstack.jacobbaek.com:9876                             |
| volumev2       | http://openstack.jacobbaek.com:8776/v2/%(project_id)s           |
| load-balancer  | http://openstack.jacobbaek.com:9876                             |
| compute        | http://openstack.jacobbaek.com:8774/v2.1                        |
| volumev3       | http://openstack.jacobbaek.com:8776/v3/%(project_id)s           |
| volumev3       | http://openstack.jacobbaek.com:8776/v3/%(project_id)s           |
| network        | http://openstack.jacobbaek.com:9696                             |
| compute        | http://openstack.jacobbaek.com:8774/v2.1                        |
| metric         | http://openstack.jacobbaek.com:8041                             |
| alarming       | http://openstack.jacobbaek.com:8042                             |
| metric         | http://openstack.jacobbaek.com:8041                             |
| object-store   | http://ceph.jacobbaek.com:7480/swift/v1/AUTH_%(project_id)s     |
| compute        | http://openstack.jacobbaek.com:8774/v2.1                        |
| image          | http://openstack.jacobbaek.com:9292                             |
| orchestration  | http://openstack.jacobbaek.com:8004/v1/%(tenant_id)s            |
| metric         | http://openstack.jacobbaek.com:8041                             |
| image          | http://openstack.jacobbaek.com:9292                             |
| identity       | http://openstack.jacobbaek.com:5000/v3/                         |
| orchestration  | http://openstack.jacobbaek.com:8004/v1/%(tenant_id)s            |
| placement      | http://openstack.jacobbaek.com:8778                             |
| key-manager    | http://openstack.jacobbaek.com:9311                             |
| alarming       | http://openstack.jacobbaek.com:8042                             |
| key-manager    | http://openstack.jacobbaek.com:9311                             |
| placement      | http://openstack.jacobbaek.com:8778                             |
| cloudformation | http://openstack.jacobbaek.com:8000                             |
| placement      | http://openstack.jacobbaek.com:8778                             |
| load-balancer  | http://openstack.jacobbaek.com:9876                             |
| identity       | http://openstack.jacobbaek.com:5000/v3/                         |
| volumev3       | http://openstack.jacobbaek.com:8776/v3/%(project_id)s           |
| cloudformation | http://openstack.jacobbaek.com:8000                             |
| volumev2       | http://openstack.jacobbaek.com:8776/v2/%(project_id)s           |
| image          | http://openstack.jacobbaek.com:9292                             |
+----------------+-----------------------------------------------------------------+

참고사항

API 호출시 아래와 같은 filter를 제공하기도 하니 url조합을 잘 해서 openstack api control을 해보는것을 추천한다.

oscurl http://openstack.jacobbaek.com:8774/v2.1/servers?all_tenants=yes\&name=testinstance\&project_id=111111-111111111-1111111-111111 | python3 -m json.tool

참고사이트

'Cloud > Private Cloud' 카테고리의 다른 글

label_replace , label_join in PromQL  (0) 2022.04.26
openstack instance build stuck  (0) 2021.02.24
kolla-ansible with elasticsearch  (0) 2021.02.23
Packer on OpenStack  (0) 2021.02.19
gophercloud sdk  (0) 2021.02.08
댓글
공지사항
최근에 올라온 글
최근에 달린 댓글
Total
Today
Yesterday
링크
«   2024/03   »
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
글 보관함