OpenStack API and WSGI
OpenStack是一个很多服务的集合,它所包含的服务有nova(compute)、keystone(identity)、glance(image)、horizon(dashboard)、neutron(network)、swift(object storage)等。每个服务都可以看做是一个WebApp,每个service从前端看就是一个REST API server,有可能后端有多个backend server,service之间是通过messaging通信。
所有对openstack的操作都可以用api来实现,官方链接:
http://docs.openstack.org/api/
http://api.openstack.org/
API使用http协议,再加上 json数据格式,可以使用curl、http库、python client库来操作。
1、使用novaclient查看image list
#!/usr/bin/env python
import logging
import novaclient
from novaclient.v1_1 import client
# enable debug logging
logger = logging.getLogger('novaclient.client')
logger.setLevel(logging.DEBUG)
debug_stream = logging.StreamHandler()
logger.addHandler(debug_stream)
auth_url = 'http://10.100.20.22:5000/v2.0'
user = 'admin'
password = 'devstack'
project = 'demo'
region = 'RegionOne'
service = 'compute'
nova = client.Client(user, password, project, auth_url,
region_name=region, service_type=service)
results = nova.images.list(detailed=True)
for image in results:
print image.id, image.name, image.status
2、使用urllib2库查看image
#!/usr/bin/env python
import urllib2
import json
def get_keystone_token():
"""authenticate against keystone identity service
returns an auth token, and the service url
"""
user = 'admin'
password = 'devstack'
project = 'demo'
auth_url = 'http://10.100.20.22:5000/v2.0/tokens'
auth_request = urllib2.Request(auth_url)
auth_request.add_header('Content-Type', 'application/json;charset=utf8')
auth_request.add_header('Accept', 'application/json')
auth_request.add_header('User-Agent', 'python-mikeyp')
auth_data = {"auth":
{"tenantName": project,
"passwordCredentials": {
"username": user,
"password": password}
}
}
auth_request.add_data(json.dumps(auth_data))
auth_response = urllib2.urlopen(auth_request)
response_data = json.loads(auth_response.read())
token = response_data['access']['token']['id']
service_list = response_data['access']['serviceCatalog']
for s in service_list:
if s['type'] == 'compute' and s['name'] == "'Compute Service'":
break
nova_url = s['endpoints'][0]['publicURL']
return (token, nova_url)
token, service_url = get_keystone_token()
image_api = service_url + '/images/detail'
images_request = urllib2.Request(image_api)
images_request.add_header('Content-Type', 'application/json;charset=utf8')
images_request.add_header('Accept', 'application/json')
images_request.add_header('User-Agent', 'python-mikeyp')
images_request.add_header('X-Auth-Token', token)
images_request.add_header('X-Auth-Project-Id', 'demo')
image_response = urllib2.urlopen(images_request)
image_data = json.loads(image_response.read())
print json.dumps(image_data, indent=4)
OpenStack Web Stack
1、paste http server:http协议 + networking
2、webob请求和响应:http请求和响应的封装
3、openstack code(nova、glance、neutron、etc)
4、web service gateway interface(wsgi):wsgi是一种协议
WSGI简要概括:
1、wsgi application:python调用需要传入两个参数,a、wsgi environment,b、一个start_response函数;application会调用start_response,然后再return response
2、wsgi server:server会调用application
3、wsgi middleware:wsgi中间件,可以过滤请求
一个简单的wsgi application
[root@devstack tmp]# cat hello_world.py
# 使用paste+wsgi
from paste import httpserver
def application(environ, start_response):
start_response('200 ok', [('Content-type', 'text/html')])
return ['Hello World']
httpserver.serve(application, host='127.0.0.1', port=8888)
# 验证结果
[root@devstack tmp]# python hello_world.py
serving on
[root@devstack ~]# curl http://localhost:8888
Hello World
带有webob + paste + wsgi的application
[root@devstack tmp]# cat wsgi_webob.py
from webob import Response
from webob.dec import wsgify
from paste import httpserver
from paste.deploy import loadapp
ini_path = '/tmp/wsgi_webob.ini'
@wsgify
def application(request):
return Response('Hello World!')
def app_factory(global_config, **local_config):
return application
wsgi_app = loadapp('config:' + ini_path)
httpserver.serve(wsgi_app, host='127.0.0.1', port=8888)
[root@devstack tmp]# cat wsgi_webob.ini
[app:main]
paste.app_factory = wsgi_webob:app_factory
引入wsgi middleware中间件
[root@devstack tmp]# cat wsgi_webob_mi.py
from webob import Response
from webob.dec import wsgify
from webob import exc
from paste import httpserver
from paste.deploy import loadapp
ini_path = '/tmp/wsgi_webob_mi.ini'
@wsgify
def application(request):
return Response('Hello World!')
@wsgify.middleware
def auth_filter(request, app):
if request.headers.get('X-Auth-Token') != 'open-sesame':
return exc.HTTPForbidden()
return app(request)
def app_factory(global_config, **local_config):
return application
def filter_factory(global_config, **local_config):
return auth_filter
wsgi_app = loadapp('config:' + ini_path)
httpserver.serve(wsgi_app, host='127.0.0.1', port=8888)
[root@devstack tmp]# cat wsgi_webob_mi.ini
[pipeline:main]
pipeline = auth main1
[app:main1]
paste.app_factory = wsgi_webob_mi:app_factory
[filter:auth]
paste.filter_factory = wsgi_webob_mi:filter_factory
# 验证结果
[root@devstack tmp]# python wsgi_webob_mi.py
serving on
[root@devstack ~]# curl -H "X-Auth-Token: open-sesame" http://localhost:8888
Hello World!
[root@devstack ~]# curl http://localhost:8888
# 无结果
还有eventlet.wsgi也有必要了解,链接:http://eventlet.net/doc/modules/wsgi.html
参考链接
https://github.com/lhrc-mikeyp/Presentations/blob/master/openstack_api_wsgi/OpenStack_WSGI.pdf