OpenStack REST APIs Keystone to generate an Authentication token
#The openstack rest APIs access require the authentication token. This token is used to authenticate with the Other APIs
#Hence the first step is to get an Authentication token.
#this example shows how to use the username and password to generate an authentication token
#this makes a CURL call to OpenStack Keystone API to get an Authentication token
#This also gives the information about the name and the URLs for the endpoint to which the authenticated user has access to
#The Auth key is gAAAAABZ2yaRIQXdF6F-54APFA_s3nba17PKZ9pVuh8MP5ZUqTa3YeodPCW9e4wSthlQQu4ZicYSv9PxDfmLvuucwewC2eK395jt1_Ks1IDuTd9ibtOWhfERzTa9jPp1uEls7nDR4ZjAO6DEEudZLzOCMKwOqr5xYe503tFRy29IbAAuVSCBr8g
as seen in the Result of the API Call
#the Auth key can be used then further to make POST CURL calls to the available endpoint URLs using the same in the header as -H "X-Auth-key: gAAAAABZ2yaRIQXdF6F-54APFA_s3nba17PKZ9pVuh8MP5ZUqTa3YeodPCW9e4wSthlQQu4ZicYSv9PxDfmLvuucwewC2eK395jt1_Ks1IDuTd9ibtOWhfERzTa9jPp1uEls7nDR4ZjAO6DEEudZLzOCMKwOqr5xYe503tFRy29IbAAuVSCBr8g"
#Another header that may be required when making the other CURL post calls will be -H "Content-type: application/json" so as inform the API Endpoint that the Body of the API request has the JSON format.
# -d '{}' actually contains the data that has to be sent by CURL in the request.
# hence '{}' has to be JSON format as the -H "Content-type: application/json" says that the data being sent is in the JSON format
# Make an API call to the keystone API to fetch the token and the other endpoint URL info
curl -d '
{"auth": {
"tenantName": "admin",
"passwordCredentials": {
"username": "admin",
"password": "secretpasswordofadminuser"
}
}
}' \
-H "Content-type: application/json" \
"http://11.11.1.158:5000/v2.0/tokens" | python -m json.tool
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 3921 100 3764 100 157 26200 1092 --:--:-- --:--:-- --:--:-- 26321
{
"access": {
"metadata": {
"is_admin": 0,
"roles": [
"52e3eba595f841cca3e082e52ddcac20",
"7fc66fff74a34bd78e766711810afea6",
"9fe2ff9ee4384b1894a90878d3e92bab"
]
},
"serviceCatalog": [
{
"endpoints": [
{
"adminURL": "http://11.11.1.158:8774/v2.1/f4b62d0d71f44126bd22c2f04251b3f1",
"id": "66ed17d48fba44a487742b6f4f0a4c19",
"internalURL": "http://11.11.1.158:8774/v2.1/f4b62d0d71f44126bd22c2f04251b3f1",
"publicURL": "http://11.11.1.158:8774/v2.1/f4b62d0d71f44126bd22c2f04251b3f1",
"region": "RegionOne"
}
],
"endpoints_links": [],
"name": "nova",
"type": "compute"
},
{
"endpoints": [
{
"adminURL": "http://11.11.1.158:9696",
"id": "1bec7d48f4e9452ab497863eb3a9420e",
"internalURL": "http://11.11.1.158:9696",
"publicURL": "http://11.11.1.158:9696",
"region": "RegionOne"
}
],
"endpoints_links": [],
"name": "neutron",
"type": "network"
},
{
"endpoints": [
{
"adminURL": "http://11.11.1.158:8042",
"id": "71b96a57c529423c8b4e8c70c7780230",
"internalURL": "http://11.11.1.158:8042",
"publicURL": "http://11.11.1.158:8042",
"region": "RegionOne"
}
],
"endpoints_links": [],
"name": "aodh",
"type": "alarming"
},
{
"endpoints": [
{
"adminURL": "http://11.11.1.158:8041",
"id": "08e6d502d2d64b8a81e9f6bb1919d889",
"internalURL": "http://11.11.1.158:8041",
"publicURL": "http://11.11.1.158:8041",
"region": "RegionOne"
}
],
"endpoints_links": [],
"name": "gnocchi",
"type": "metric"
},
{
"endpoints": [
{
"adminURL": "http://11.11.1.158:8777",
"id": "4efec854424443fdafe2cc26f5ba3fa8",
"internalURL": "http://11.11.1.158:8777",
"publicURL": "http://11.11.1.158:8777",
"region": "RegionOne"
}
],
"endpoints_links": [],
"name": "ceilometer",
"type": "metering"
},
{
"endpoints": [
{
"adminURL": "http://11.11.1.158:8000/v1",
"id": "0a9750e5702f45f0918a2f0e30c3e7c9",
"internalURL": "http://11.11.1.158:8000/v1",
"publicURL": "http://11.11.1.158:8000/v1",
"region": "RegionOne"
}
],
"endpoints_links": [],
"name": "heat-cfn",
"type": "cloudformation"
},
{
"endpoints": [
{
"adminURL": "http://11.11.1.158:8004/v1/f4b62d0d71f44126bd22c2f04251b3f1",
"id": "1538c41f21b4457c8f70a7c713d133fd",
"internalURL": "http://11.11.1.158:8004/v1/f4b62d0d71f44126bd22c2f04251b3f1",
"publicURL": "http://11.11.1.158:8004/v1/f4b62d0d71f44126bd22c2f04251b3f1",
"region": "RegionOne"
}
],
"endpoints_links": [],
"name": "heat",
"type": "orchestration"
},
{
"endpoints": [
{
"adminURL": "http://11.11.1.158:8778/placement",
"id": "7606f57ad8054b2aab2b5eae6e39b6ae",
"internalURL": "http://11.11.1.158:8778/placement",
"publicURL": "http://11.11.1.158:8778/placement",
"region": "RegionOne"
}
],
"endpoints_links": [],
"name": "placement",
"type": "placement"
},
{
"endpoints": [
{
"adminURL": "http://11.11.1.158:9292",
"id": "20f517caff8d4dc3a75d51452637f200",
"internalURL": "http://11.11.1.158:9292",
"publicURL": "http://11.11.1.158:9292",
"region": "RegionOne"
}
],
"endpoints_links": [],
"name": "glance",
"type": "image"
},
{
"endpoints": [
{
"adminURL": "http://11.11.1.158:35357/v3",
"id": "2179759c45914fbfadcc0771db801646",
"internalURL": "http://11.11.1.158:5000/v3",
"publicURL": "http://11.11.1.158:5000/v3",
"region": "RegionOne"
}
],
"endpoints_links": [],
"name": "keystone",
"type": "identity"
}
],
"token": {
"audit_ids": [
"IXELgilVTTatI6t4d_VM9A"
],
"expires": "2017-10-09T08:34:41.000000Z",
"id": "gAAAAABZ2yaRIQXdF6F-54APFA_s3nba17PKZ9pVuh8MP5ZUqTa3YeodPCW9e4wSthlQQu4ZicYSv9PxDfmLvuucwewC2eK395jt1_Ks1IDuTd9ibtOWhfERzTa9jPp1uEls7nDR4ZjAO6DEEudZLzOCMKwOqr5xYe503tFRy29IbAAuVSCBr8g",
"issued_at": "2017-10-09T07:34:41.000000Z",
"tenant": {
"description": "admin tenant",
"enabled": true,
"id": "f4b62d0d71f44126bd22c2f04251b3f1",
"name": "admin"
}
},
"user": {
"id": "a6a6144a16114b1fb239bb9381554a9f",
"name": "admin",
"roles": [
{
"name": "heat_stack_owner"
},
{
"name": "admin"
},
{
"name": "_member_"
}
],
"roles_links": [],
"username": "admin"
}
}
}
# An example to use the above generated token in A CURL API get call is like
# get all the stacks for the admin tenant, here the tenant ID for admin project is f4b62d0d71f44126bd22c2f04251b3f1
# the header in the CURL GET call to the HEAT API as X-Auth-Token has the AUTH key generated earlier
curl -X GET http://11.11.1.158:8004/v1/f4b62d0d71f44126bd22c2f04251b3f1/stacks -H "X-Auth-Token: gAAAAABZ2yaRIQXdF6F-54APFA_s3nba17PKZ9pVuh8MP5ZUqTa3YeodPCW9e4wSthlQQu4ZicYSv9PxDfmLvuucwewC2eK395jt1_Ks1IDuTd9ibtOWhfERzTa9jPp1uEls7nDR4ZjAO6DEEudZLzOCMKwOqr5xYe503tFRy29IbAAuVSCBr8g"
# Another example to use the token in a CURL POST CALL to NOVA API to create an Instance
# Make an API call to Nova REST API
# the URL contains the Nova Port 8774 and the admin tenant project ID as f4b62d0d71f44126bd22c2f04251b3f1
# Also the -H for Content-type application/json is here
# the -d shows the JSON body data that has to be sent by the CURL POST call to the Nova API
# Please note that the appropriate security group for the instance can be sent to the NOVA API in the JSON data
curl -X POST http://11.11.1.158:8774/v2.1/f4b62d0d71f44126bd22c2f04251b3f1/servers -H "X-Auth-Token: gAAAAABZ2yaRIQXdF6F-54APFA_s3nba17PKZ9pVuh8MP5ZUqTa3YeodPCW9e4wSthlQQu4ZicYSv9PxDfmLvuucwewC2eK395jt1_Ks1IDuTd9ibtOWhfERzTa9jPp1uEls7nDR4ZjAO6DEEudZLzOCMKwOqr5xYe503tFRy29IbAAuVSCBr8g" -H "Content-Type: application/json" -d '{"server": {"min_count": 1, "flavorRef": "1", "name": "foobar", "imageRef": "d66b73e7-cb0c-42c5-bf73-d5bbdf245da5", "max_count": 1, "networks": [ { "uuid": "13e0d04f-9f41-46ae-8dfa-adea11dea898"} ] }}'
No comments:
Post a Comment