A walk through of the CloudStack API. full screencast available at http://www.youtube.com/watch?v=ZPfm2EksIbc
An API to your cloud orchestrator is key to automation of your data center.
We go through the basics of Query API calls, unauthenticated on the integration port and authenticated calls using the access and secret keys of a users and computing a signature. We show how to compute a signature in Python.
We also highlight various CloudStack clients in many different languageas (java, php, ruby, clojure etc..) and show how to explore the API using firebug console in firefox or via the CloudStack interfactive shell cloudmonkey. This is a good complement to my talk on CloudMonkey.
4. Clients
• 15 clients and
counting… on Github
• Java, Python, Perl,
Ruby, C#, php, Clojure
5. Exploration
• Use a debugger console
• E.g Firebug
• As you navigate the UI,
check the http calls that
are being made
• Identify the methods
• Identify the parameters
passed to each call
6. HTTP
based
• API calls made via HTTP(s)
• Pass name of the call as command
• Pass list of key/value pairs as arguments to
the call
• GET method
• Response can be XML or JSON
• Query API that is RESTlike
http://gehrcke.de/2009/06/aws-about-api/
7. Integration Port
• Unauthenticated call
– Dangerous
– Don’t open it all
– Certainly don’t open it to the public internet
• Set the port on the UI
9. Authenticated calls
• Using http(s)
• API endpoint for the cloud
– http://localhost:8080/client/api?
• Command key to pass the name of the call
• Key/value pairs for the arguments
• API key of the user making the call
• Signature for authorization
11. Creating the signature
• Form the request url: list of key=value
pairs joined by & and encoded for http
transport
• Compute the signature:
– lower case values, replace + with %20
– generate the hmac using sha1 hash function
– Base64 encode the digest
– Encode for http transport
• Form the entire request adding the signature:
&signature=
12. Example
>>> request
{'apikey': 'plgWJfZK4gyS3mOMTVmjUVg-X-jlWlnfaUJ9GAbBbf9EdM-
kAYMmAiLqzzq1ElZLYq_u38zCm0bewzGUdP66mg', 'command': 'listUsers',
'response': 'json'}
>>>request_url="&".join(["=".join([r,urllib.quote_plus(request[r])
]) for r in request.keys()])
>>>sig_url="&".join(["=".join([r.lower(),urllib.quote_plus(request
[r]).lower()]) for r in sorted(request.iterkeys())])
>>>sig=urllib.quote_plus(base64.encodestring(hmac.new(secretkey,si
g_url,hashlib.sha1).digest()).strip())
>>> req=url+request_url+'&signature='+sig
>>> res=urllib2.urlopen(req)
>>> res.read()
13. REST
• REST stands for Representational State
Transfer
• Architectural style to design web services
introduced by Roy Fielding (former ASF chair)
• Premise:
– HTTP protocol is enough to create web services
and change the state of web resources
– HTTP methods can be used to change the state
– Eases web services design compared to SOAP
http://en.wikipedia.org/wiki/Roy_Fielding
http://en.wikipedia.org/wiki/Representational_State_Transfer
14. REST
• REST style web services couple be
implemented with other protocol than http
• But http provides all that is needed
http://en.wikipedia.org/wiki/Representational_State_Transfer
15. REST API
• The CloudStack API is a query API
• It is RESTlike but not RESTfull
• Example:
listUsers() a GET vs GET
updateUser() a GET vs PATCH
createUser() a GET vs POST
deleteUser() a GET vs DELETE
http://gehrcke.de/2009/06/aws-about-api/
http://publish.luisrei.com/articles/flaskrest.html
16. Exercise
• Build a REST interface to CloudStack
• Use Flask a Lightweight Python web
framework
http://flask.pocoo.org
http://publish.luisrei.com/articles/flaskrest.html
17. Exercise
from flask import Flask
app = Flask(__name__)
@app.route("/")
def hello():
return "Hello World!"
if __name__ == "__main__":
app.run(debug=True)
Flask allows you to define web routes and
functions that get executed when these routes
are called.
19. Info
• Apache Top Level Project (TLP)
• http://cloudstack.apache.org
• #cloudstack and #cloudstack-dev on irc.freenode.net
• @CloudStack on Twitter
• http://www.slideshare.net/cloudstack
• dev-subscribe@cloudstack.apache.org
• users-subscribe@cloudstack.apache.org
Welcoming contributions and feedback, Join the fun !