Jump to: navigation, search

Difference between revisions of "Occi"

(updated guide)
Line 11: Line 11:
  
 
== How to use the OCCI interface ==
 
== How to use the OCCI interface ==
The following sections demonstrate how OCCI can be used - it just shows the general operations - not the full feature set.
 
== OCCI and [[OpenStack]]: What can I do? ==
 
 
This guide will explain what you can do with the current OCCI implementation for [[OpenStack]]
 
This guide will explain what you can do with the current OCCI implementation for [[OpenStack]]
  
== First up, prerequisites: ==
+
=== First up, prerequisites: ===
=== Get a running instance of [[OpenStack]] ===
+
==== Get a running instance of [[OpenStack]] ====
 
Lots of ways to do this:
 
Lots of ways to do this:
  
 
* Install with apt-get
 
* Install with apt-get
* Install with [[puppet|http://puppetlabs.com/]]
+
* Install with [puppet](http://puppetlabs.com/)
* Install with [[chef|http://www.opscode.com/chef/]]
+
* Install with [chef](http://www.opscode.com/chef/)
* Install with [[crowbar|https://github.com/dellcloudedge/crowbar/]]
+
* Install with [crowbar](https://github.com/dellcloudedge/crowbar/)
* Install with [[devstack|http://devstack.org/]]
+
* Install with [devstack](http://devstack.org/)
  
The easiest for experimentation and evaluation is [[devstack|http://devstack.org/]].
+
The easiest for experimentation and evaluation is [devstack](http://devstack.org/).
  
=== Running [[OpenStack]] with OCCI ===
+
==== Running [[OpenStack]] with OCCI ====
 
Install the OCCI **pyssf** library:
 
Install the OCCI **pyssf** library:
  
Line 55: Line 53:
 
The OCCI API is now available on localhost:8787/
 
The OCCI API is now available on localhost:8787/
  
=== Configure devstack to run the volume service. ===
+
==== Configure devstack to run the volume service. ====
 
Edit `localrc` and insert:
 
Edit `localrc` and insert:
  
 
<pre><nowiki>{
 
<pre><nowiki>{
     ENABLED_SERVICES=g-api,g-reg,key,n-api,n-crt,n-obj,n-cpu,n-net,n-sch,n-novnc,n-xvnc,n-cauth,horizon,mysql,rabbit,n-vol,openstackx
+
     ENABLED_SERVICES=g-api,g-reg,key,n-api,n-crt,n-obj,n-cpu,n-net,n-sch,n-novnc,n-xvnc,n-cauth,horizon,mysql,rabbit,n-vol,openstackx,q-svc,quantum,q-agt
 +
    Q_PLUGIN=openvswitch
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Create some Custom Flavors ===
+
==== Create some Custom Flavors ====
 
Do this if you want to experiment with scaling up a VM on devstack.  
 
Do this if you want to experiment with scaling up a VM on devstack.  
  
Line 80: Line 79:
 
* **Note**: your VM must have **at least** 1GB of RAM*
 
* **Note**: your VM must have **at least** 1GB of RAM*
  
=== Get Authentication Credentials from Keystone ===
+
==== Get Authentication Credentials from Keystone ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
     curl -d '{"auth": {"tenantName": "demo", "passwordCredentials":{"username": "admin", "password": "admin"</nowiki></pre>
+
     curl -d '{"auth": {"tenantName": "$YOUR_TENANT_NAME", "passwordCredentials":{"username": "$YOUR_USER_NAME", "password": "$YOUR_PASSWORD"</nowiki></pre>
 
' -H "Content-type: application/json" http://$KEYSTONE_SERVICE_IP:35357/v2.0/tokens
 
' -H "Content-type: application/json" http://$KEYSTONE_SERVICE_IP:35357/v2.0/tokens
 
     export KID=<<Token from Keystone>>
 
     export KID=<<Token from Keystone>>
 
</nowiki></pre>
 
</nowiki></pre>
 
}     
 
}     
=== Get the Tenant ID from [[OpenStack]] ===
+
==== Get the Tenant ID from [[OpenStack]] ====
  
 
Get it from the dashboard
 
Get it from the dashboard
Line 97: Line 96:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Get a valid Tenant User ===
+
==== Get a valid Tenant User ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 105: Line 104:
 
This requirement will go by having an OCCI-specific authentication middleware
 
This requirement will go by having an OCCI-specific authentication middleware
  
== OCCI-ness ==
+
=== OCCI-ness ===
  
'''''Note''''': The examples below relays content in the headers. It is advised to use either content in the body as text or JSON.
+
_**Note**:_ some confusion will happen if a content-type is not specified.
  
=== See What Can be Provisioned ===
+
==== See What Can be Provisioned ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 115: Line 114:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Create a VM ===
+
==== Create a VM ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
     curl -v -X POST localhost:8787/compute/ -H 'Category: compute; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"' -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: itsy; scheme="http://schemas.openstack.org/template/resource#"; class="mixin"' -H 'Category: cirros-0.3.0-x86_64-blank; scheme="http://schemas.openstack.org/template/os#"; class="mixin"'
+
     curl -v -X POST localhost:8787/compute/ -H 'Category: compute; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"' -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: itsy; scheme="http://schemas.openstack.org/template/resource#"; class="mixin"' -H 'Category: cirros-0.3.0-x86_64-uec; scheme="http://schemas.openstack.org/template/os#"; class="mixin"'
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
Line 129: Line 128:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Get a Listing of VMs ===
+
==== Get a Listing of VMs ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 135: Line 134:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Get an Individual VM's Details ===
+
==== Get an Individual VM's Details ====
  
 
<pre><nowiki>{     
 
<pre><nowiki>{     
Line 141: Line 140:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Execute a Stop Action Upon a VM ===
+
==== Execute a Stop Action Upon a VM ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 147: Line 146:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Execute a Start Action Upon a VM ===
+
==== Execute a Start Action Upon a VM ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 153: Line 152:
 
</nowiki></pre>
 
</nowiki></pre>
 
}     
 
}     
 +
_Note: this will probably result in an error state. Currently looking into the issue._
  
=== Create Some a Block Storage Volume ===
+
==== Create Some a Block Storage Volume ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 166: Line 166:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Show the Volume Details ===
+
==== Show the Volume Details: ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 172: Line 172:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Link and Associate that Volume to the New Instance ===
+
==== Link and Associate that Volume to the New Instance ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 184: Line 184:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Inspect the Storage Link ===
+
==== Inspect the Storage Link ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 190: Line 190:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Unlink and disassociate that volume with the new instance ===
+
==== Unlink and disassociate that volume with the new instance ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 196: Line 196:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Delete Storage Volume ===
+
==== Delete Storage Volume ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 202: Line 202:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Scale Up a VM ===
+
==== Scale Up a VM ====
 
Let's bump the current instance from itsy (128 RAM, 1 Core) to a bitsy flavour (256 RAM, 1 Core).
 
Let's bump the current instance from itsy (128 RAM, 1 Core) to a bitsy flavour (256 RAM, 1 Core).
  
Line 213: Line 213:
 
* This is a partial update with respect to OCCI.
 
* This is a partial update with respect to OCCI.
  
=== Confirm the Scaled Up VM ===
+
==== Confirm the Scaled Up VM ====
 +
This is [[OpenStack]] specific. Users must confirm that the scaled up VM is what they want and that their previous configuration is as expected.
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 219: Line 220:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Scale Down a VM ===
+
==== Scale Down a VM ====
 
Let's reduce the current instance from bitsy (256 RAM, 1 Core) to a itsy flavour (128 RAM, 1 Core).
 
Let's reduce the current instance from bitsy (256 RAM, 1 Core) to a itsy flavour (128 RAM, 1 Core).
  
Line 230: Line 231:
 
* This is a partial update with respect to OCCI.
 
* This is a partial update with respect to OCCI.
  
=== Delete a VM ===
+
==== Confirm the Scaled Down VM ====
 +
This is [[OpenStack]] specific. Users must confirm that the scaled up VM is what they want and that their previous configuration is as expected.
 +
 
 +
<pre><nowiki>{
 +
    curl -v -X POST "localhost:8787/compute/$VM?action=confirm_resize" -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: confirm_resize; scheme="http://schemas.openstack.org/instance/action#"; class="action"'
 +
</nowiki></pre>
 +
}
 +
==== Delete a VM ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 236: Line 244:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Update a VM: Change the OS ===
+
==== Update a VM: Change the OS ====
 
As an example, let's use SmartOS as the new OS
 
As an example, let's use SmartOS as the new OS
  
Line 248: Line 256:
 
* this destroys any data directly related to the VM. It does not destroy connected volumes
 
* this destroys any data directly related to the VM. It does not destroy connected volumes
  
=== Create a Security Group (Network Ingress) ===
+
==== Create a Security Group ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 254: Line 262:
 
</nowiki></pre>
 
</nowiki></pre>
 
}     
 
}     
 +
- Follows the [[OpenStack]] model. Groups of rules are associated with a compute resource.
  
* Follows the [[OpenStack]] model. Groups of rules are associated with a compute resource.
+
- A security group is associated with a compute. This is done by the addition or removal of a mixin to/from a compute instance
* A security group is associated with a compute. This is done by the addition or removal of a mixin to/from a compute instance
 
* Security rules can be added and removed to a security group (mixin). This is done by (dis)associating the rule with the group (mixin). Rules can be created and deleted.
 
  
=== Delete a Security Group ===
+
- Security rules can be added and removed to a security group (mixin). This is done by (dis)associating the rule with the group (mixin). Rules can be created and deleted.
  
<pre><nowiki>{
+
==== Create a Security Rule ====
    curl -v -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Content-Type: text/occi' -H 'Category: my_grp; scheme="http://www.mystuff.org/sec#"; class="mixin"' -X DELETE localhost:8787/-/
 
</nowiki></pre>
 
}
 
<!-- ### Create a Security Rule -->
 
 
To do so specify the rule parameters (as a Kind) and the group the rule (as a mixin) is to belong to. This associates the rule with the respective group. Let's add a rule for inbound SSH traffic to a security rule group. This group can then be supplied when provisioning VMs. The group can also be applied an already provisioned VM.
 
To do so specify the rule parameters (as a Kind) and the group the rule (as a mixin) is to belong to. This associates the rule with the respective group. Let's add a rule for inbound SSH traffic to a security rule group. This group can then be supplied when provisioning VMs. The group can also be applied an already provisioned VM.
  
Line 278: Line 281:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Get Security Rule's Details ===
+
==== List the Associated Compute Resources to a Group ====
 +
 
 +
<pre><nowiki>{
 +
    curl -v -X GET localhost:8787/mygroups/ -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER
 +
</nowiki></pre>
 +
}
 +
==== Get Security Rule's Details ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 284: Line 293:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Delete a Security Rule ===
+
==== Delete a Security Rule ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 290: Line 299:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Create a VM with a Security Group ===
+
==== Delete a Security Group ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
     curl -v -X POST localhost:8787/compute/ -H 'Category: compute; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"' -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: itsy; scheme="http://schemas.openstack.org/template/resource#"; class="mixin"' -H 'Category: cirros-0.3.0-x86_64-blank; scheme="http://schemas.openstack.org/template/os#"; class="mixin"' -H 'Category: my_grp; scheme="http://www.mystuff.org/sec#"; class="mixin"'
+
     curl -v -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Content-Type: text/occi' -H 'Category: my_grp; scheme="http://www.mystuff.org/sec#"; class="mixin"' -X DELETE localhost:8787/-/
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== List Floating IP Pools ===
+
==== Create a Secured VM with a Security Group ====
 +
 
 +
<pre><nowiki>{
 +
    curl -v -X POST localhost:8787/compute/ -H 'Category: compute; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"' -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: itsy; scheme="http://schemas.openstack.org/template/resource#"; class="mixin"' -H 'Category: cirros-0.3.0-x86_64-uec; scheme="http://schemas.openstack.org/template/os#"; class="mixin"' -H 'Category: my_grp; scheme="http://www.mystuff.org/sec#"; class="mixin"'
 +
</nowiki></pre>
 +
}   
 +
==== List Floating IP Pools ====
 
Request the Query Interface. Optionally filter on pool mixin.
 
Request the Query Interface. Optionally filter on pool mixin.
  
Line 303: Line 318:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Allocate Floating IP to VM ===
+
==== Allocate Floating IP to VM ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 309: Line 324:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== View Allocated Floating IP ===
+
==== View Allocated Floating IP ====
 
GET the VM and inspect the `org.openstack.network.floating.ip` attribute
 
GET the VM and inspect the `org.openstack.network.floating.ip` attribute
  
=== Deallocate Floating IP to VM ===
+
==== Deallocate Floating IP to VM ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 318: Line 333:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
==== Current Issue ====
+
===== Current Issue =====
 
OS allows multiple floating IPs per server. Current OCCI implementation only allows one IP per compute resource. Multiple IP support will be implemented and can be done by links, once pyssf supports arbitrary values in the Link category.
 
OS allows multiple floating IPs per server. Current OCCI implementation only allows one IP per compute resource. Multiple IP support will be implemented and can be done by links, once pyssf supports arbitrary values in the Link category.
  
=== Create a Network ===
+
=== Work in Progress ===
 +
 
 +
Integration of Quantum
 +
==== Create a Network ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 333: Line 351:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Get Network Details ===
+
==== Get Network Details ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 339: Line 357:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
=== Attach a VM to the Network ===
+
==== Attach a VM to the Network ====
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 345: Line 363:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
 
+
==== Delete Network ====
=== Delete Network ===
 
  
 
<pre><nowiki>{
 
<pre><nowiki>{
Line 352: Line 369:
 
</nowiki></pre>
 
</nowiki></pre>
 
}
 
}
 
+
=== TODOs ===
== TODOs ==
 
  
 
* Write an OCCI registry backend that reads from the OS Nova DB
 
* Write an OCCI registry backend that reads from the OS Nova DB
* Bring OCCI on OS to parity
 
 
* Integrate CDMI volume management like in rOCCI
 
* Integrate CDMI volume management like in rOCCI
 
+
* Support meta-data and file injection
== Release Note ==
 
TBD
 
 
 
== Implementation ==
 
The integration will use the [http://pyssf.sf.net pyssf] software package which delivers a OCCI WSGI application. This code will be used to integrate the OCCI interface.
 
 
 
=== UI Changes ===
 
Does not affect any GUI elements.
 
 
 
=== Code Changes ===
 
These are the changes we would love to see in the [[OpenStack]] compute api:
 
 
 
* Specify the size of a volume as float
 
* A way to retrieve the speed of an CPU
 
 
 
=== Migration ===
 
* N/A
 
 
 
== Test/Demo Plan ==
 
Unittests have been implemented and will be extended. Code is checked on a regularly basis to verify it meets the [[OpenStack]] coding guidelines. Compliance to the specification is ensured through publicly available OCCI testing tools (http://occi-wg.org/community/tools/).
 
 
 
== Unresolved issues ==
 
* N/A
 
 
 
----
 
[[Category:Spec]] [[Category:Nova]] [[Category:HowTo]]
 

Revision as of 15:35, 4 April 2012

  • Launchpad Entry: NovaSpec:bexar-open-cloud-compute-interface
  • Created: 11/10/2010
  • Contributors: Thijs Metsch (tmetsch), Andy Edmonds (dizz)

Summary

This will implement the Open Cloud Computing Interface (OCCI) within nova/api. OCCI is one of the first standards in Cloud Computing. The specification of OCCI can be found here: http://www.occi-wg.org

Implementation details

The OCCI interface is integrated using an WSGI application - it can coexist to the current APIs but offers a rich, flexible interoperable way to interact with OpenStack through a standardized interface.

How to use the OCCI interface

This guide will explain what you can do with the current OCCI implementation for OpenStack

First up, prerequisites:

Get a running instance of OpenStack

Lots of ways to do this:

The easiest for experimentation and evaluation is [devstack](http://devstack.org/).

Running OpenStack with OCCI

Install the OCCI **pyssf** library: 

{
    pip install pyssf

} Get a copy of **devstack**: 

{
    git clone https://github.com/openstack-dev/devstack.git
    cd devstack

} Edit `stackrc` and change `NOVA_REPO`: 

{
    NOVA_REPO=https://github.com/dizz/nova.git

} Now run devstack: 

{    
    ./stack.sh

} The OCCI API is now available on localhost:8787/

Configure devstack to run the volume service.

Edit `localrc` and insert: 

{
    ENABLED_SERVICES=g-api,g-reg,key,n-api,n-crt,n-obj,n-cpu,n-net,n-sch,n-novnc,n-xvnc,n-cauth,horizon,mysql,rabbit,n-vol,openstackx,q-svc,quantum,q-agt
    Q_PLUGIN=openvswitch

}

Create some Custom Flavors

Do this if you want to experiment with scaling up a VM on devstack.

1. In devstack add this to `localrc`: 

{
       EXTRA_FLAGS=(--allow_resize_to_same_host=True)

} 2. Create custom flavors: 

{
       nova-manage flavor create --name=itsy --cpu=1 --memory=128 --flavor=98 --root_gb=1 --ephemeral_gb=1
       nova-manage flavor create --name=bitsy --cpu=1 --memory=256 --flavor=99 --root_gb=1 --ephemeral_gb=1

}

  • **Note**: your VM must have **at least** 1GB of RAM*

Get Authentication Credentials from Keystone

{
    curl -d '{"auth": {"tenantName": "$YOUR_TENANT_NAME", "passwordCredentials":{"username": "$YOUR_USER_NAME", "password": "$YOUR_PASSWORD"

' -H "Content-type: application/json" http://$KEYSTONE_SERVICE_IP:35357/v2.0/tokens 

   export KID=<<Token from Keystone>>

</nowiki></pre> }

Get the Tenant ID from OpenStack

Get it from the dashboard Get it from the command line 

{
    export TEN_ID=<tenant ID>

}

 Get a valid Tenant User

{
    export OS_USER=<open stack user name>

} This requirement will go by having an OCCI-specific authentication middleware

OCCI-ness

_**Note**:_ some confusion will happen if a content-type is not specified.

See What Can be Provisioned

{
    curl -v -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -X GET localhost:8787/-/

}

Create a VM

{
    curl -v -X POST localhost:8787/compute/ -H 'Category: compute; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"' -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: itsy; scheme="http://schemas.openstack.org/template/resource#"; class="mixin"' -H 'Category: cirros-0.3.0-x86_64-uec; scheme="http://schemas.openstack.org/template/os#"; class="mixin"'

}

  • **Note**: you can supply the admin password and/or public ssh key pairs in this request*

For ease of this OCCI exercise, place the VM id into a shell variable e.g. 

{
    export VM=d54b4344-16be-486a-9871-2c566ef2263d

}

Get a Listing of VMs

{
    curl -v -X GET localhost:8787/compute/ -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER

}

Get an Individual VM's Details

{    
    curl -v -X GET localhost:8787/compute/$VM -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER

}

Execute a Stop Action Upon a VM

{
    curl -v -X POST "localhost:8787/compute/$VM?action=stop" -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: stop; scheme="http://schemas.ogf.org/occi/infrastructure/compute/action#"; class="action"'

}

Execute a Start Action Upon a VM

{
    curl -v -X POST localhost:8787/compute/$VM?action=start -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: start; scheme="http://schemas.ogf.org/occi/infrastructure/compute/action#"; class="action"'

} _Note: this will probably result in an error state. Currently looking into the issue._

Create Some a Block Storage Volume

{
    curl -v -X POST localhost:8787/storage/ -H 'Category: storage; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"' -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'X-OCCI-Attribute: occi.storage.size = 1.0'

} For ease of this OCCI exercise, place the volume id into a shell variable e.g. 

{
    export VOL=1

}

Show the Volume Details:

{
    curl -v -X GET localhost:8787/storage/$VOL -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER

}

Link and Associate that Volume to the New Instance

{
    curl -v -X POST localhost:8787/storage/link/ -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: storagelink; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"' -H 'X-OCCI-Attribute: occi.core.source="http://localhost:8787/compute/'$VM'"' -H 'X-OCCI-Attribute: occi.core.target="http://localhost:8787/storage/'$VOL'"' -H 'X-OCCI-Attribute: occi.storagelink.deviceid="/dev/vdc"' -H 'Content-Type: text/occi'

} For ease of this OCCI exercise, place the volume id into a shell variable e.g. 

{
    export VOL_LINK=aa49b313-9714-4cb3-92e3-13ab484235b

}

Inspect the Storage Link

{
    curl -v -X GET localhost:8787/storage/link/$VOL_LINK -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER

}

Unlink and disassociate that volume with the new instance

{
    curl -v -X DELETE localhost:8787/storage/link/$VOL_LINK -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Content-Type: text/occi'

}

Delete Storage Volume

{
    curl -v -X DELETE localhost:8787/storage/$VOL -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Content-Type: text/occi'

}

Scale Up a VM

Let's bump the current instance from itsy (128 RAM, 1 Core) to a bitsy flavour (256 RAM, 1 Core). 

{
    curl -v -X POST localhost:8787/compute/$VM -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: bitsy; scheme="http://schemas.openstack.org/template/resource#"; class="mixin"'

} _Notes:_

  • This is a partial update with respect to OCCI.

Confirm the Scaled Up VM

This is OpenStack specific. Users must confirm that the scaled up VM is what they want and that their previous configuration is as expected. 

{
    curl -v -X POST "localhost:8787/compute/$VM?action=confirm_resize" -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: confirm_resize; scheme="http://schemas.openstack.org/instance/action#"; class="action"'

}

Scale Down a VM

Let's reduce the current instance from bitsy (256 RAM, 1 Core) to a itsy flavour (128 RAM, 1 Core). 

{
    curl -v -X POST localhost:8787/compute/$VM -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: itsy; scheme="http://schemas.openstack.org/template/resource#"; class="mixin"'

} _Notes:_

  • This is a partial update with respect to OCCI.

Confirm the Scaled Down VM

This is OpenStack specific. Users must confirm that the scaled up VM is what they want and that their previous configuration is as expected. 

{
    curl -v -X POST "localhost:8787/compute/$VM?action=confirm_resize" -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: confirm_resize; scheme="http://schemas.openstack.org/instance/action#"; class="action"'

}

Delete a VM

{
    curl -v -X DELETE localhost:8787/compute/$VM -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER

}

Update a VM: Change the OS

As an example, let's use SmartOS as the new OS 

{
    curl -v -X POST localhost:8787/compute/$VM -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: SmartOS; scheme="http://schemas.openstack.org/template/os#"; class="mixin"'

} _Notes:_

  • this is in effect a partial update.
  • this destroys any data directly related to the VM. It does not destroy connected volumes

Create a Security Group

{
    curl -v -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Content-Type: text/occi' -H 'Category: my_grp; scheme="http://www.mystuff.org/sec#"; class="mixin"; rel="http://schemas.ogf.org/occi/infrastructure/security#group"; location="/mygroups/"' -X POST localhost:8787/-/

} 

- Follows the OpenStack model. Groups of rules are associated with a compute resource.

- A security group is associated with a compute. This is done by the addition or removal of a mixin to/from a compute instance

- Security rules can be added and removed to a security group (mixin). This is done by (dis)associating the rule with the group (mixin). Rules can be created and deleted.

Create a Security Rule

To do so specify the rule parameters (as a Kind) and the group the rule (as a mixin) is to belong to. This associates the rule with the respective group. Let's add a rule for inbound SSH traffic to a security rule group. This group can then be supplied when provisioning VMs. The group can also be applied an already provisioned VM. 

{    
    curl -v -X POST localhost:8787/network/security/rule/ -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: my_grp; scheme="http://www.mystuff.org/sec#"; class="mixin"' -H 'Category: rule; scheme="http://schemas.openstack.org/occi/infrastructure/network/security#"; class="kind"' -H 'X-OCCI-Attribute: occi.network.security.protocol = "TCP"' -H 'X-OCCI-Attribute: occi.network.security.to = 22' -H 'X-OCCI-Attribute: occi.network.security.from = 22' -H 'X-OCCI-Attribute: occi.network.security.range = "0.0.0.0/24"'

} For ease of this OCCI exercise, place the volume id into a shell variable e.g. 

{
    export RULE=1233323

}

List the Associated Compute Resources to a Group

{
    curl -v -X GET localhost:8787/mygroups/ -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER

}

Get Security Rule's Details

{
    curl -v -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -X GET http://localhost:8787/network/security/rule/$RULE

}

Delete a Security Rule

{
    curl -v -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -X DELETE http://localhost:8787/network/security/rule/$RULE

}

Delete a Security Group

{
    curl -v -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Content-Type: text/occi' -H 'Category: my_grp; scheme="http://www.mystuff.org/sec#"; class="mixin"' -X DELETE localhost:8787/-/

}

Create a Secured VM with a Security Group

{
    curl -v -X POST localhost:8787/compute/ -H 'Category: compute; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"' -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: itsy; scheme="http://schemas.openstack.org/template/resource#"; class="mixin"' -H 'Category: cirros-0.3.0-x86_64-uec; scheme="http://schemas.openstack.org/template/os#"; class="mixin"' -H 'Category: my_grp; scheme="http://www.mystuff.org/sec#"; class="mixin"'

}

List Floating IP Pools

Request the Query Interface. Optionally filter on pool mixin. 

{
    curl -v -X GET localhost:8787/-/ -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER

}

Allocate Floating IP to VM

{
    curl -v -X POST "localhost:8787/compute/$VM?action=alloc_float_ip" -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: alloc_float_ip; scheme="http://schemas.openstack.org/instance/action#"; class="action"' -H 'X-OCCI-Attribute: org.openstack.network.floating.pool="nova"'

}

View Allocated Floating IP

GET the VM and inspect the `org.openstack.network.floating.ip` attribute

Deallocate Floating IP to VM

{
    curl -v -X POST "localhost:8787/compute/$VM?action=dealloc_float_ip" -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: dealloc_float_ip; scheme="http://schemas.openstack.org/instance/action#"; class="action"'

}

Current Issue

OS allows multiple floating IPs per server. Current OCCI implementation only allows one IP per compute resource. Multiple IP support will be implemented and can be done by links, once pyssf supports arbitrary values in the Link category.

Work in Progress

Integration of Quantum

Create a Network

{
    curl -v -X POST localhost:8787/network/ -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: network; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"' -H 'occi.network.label="www"'

} For ease of this OCCI exercise, place the volume id into a shell variable e.g. 

{
    export NET=aa49b313-9714-4cb3-92e3-13ab484235b

}

Get Network Details

{
    curl -v -X GET localhost:8787/network/$NET_ID -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER

}

Attach a VM to the Network

{
    curl -v -X POST localhost:8787/networklink/ -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER -H 'Category: networkinterface; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"' -H 'X-OCCI-Attribute: occi.core.source="http://localhost:8787/compute/'$VM'"' -H 'X-OCCI-Attribute: occi.core.target="http://localhost:8787/network/'$NET'"'

}

Delete Network

{
    curl -v -X DELETE localhost:8787/network/$NET_ID -H 'Content-Type: text/occi' -H 'X-Auth-Token: '$KID -H 'X-Auth-Tenant-Id: '$TEN_ID -H 'X-Auth-User: '$OS_USER

}

TODOs

  • Write an OCCI registry backend that reads from the OS Nova DB
  • Integrate CDMI volume management like in rOCCI
  • Support meta-data and file injection
Retrieved from "https://wiki.openstack.org/w/index.php?title=Occi&oldid=12560"