root / docs / examplesdir / astakos.rst @ 9d84caa4
History | View | Annotate | Download (10.7 kB)
1 |
Astakos |
---|---|
2 |
======= |
3 |
|
4 |
`Astakos <http://www.synnefo.org/docs/synnefo/latest/astakos-api-guide.html>`_ |
5 |
is the synnefo implementation of a variant of OpenStack Keystone with custom |
6 |
extentions. Kamaki offer tools for managing Astakos information. |
7 |
|
8 |
.. node:: The underlying library that calls the API is part of the synnefo |
9 |
and it is called 'astakosclient' |
10 |
|
11 |
User |
12 |
---- |
13 |
|
14 |
The *authenticate* command will send a token to the server, for authentication. |
15 |
Be default, the token provided in the cloud configuration (config file) will be |
16 |
used: |
17 |
|
18 |
.. code-block:: console |
19 |
|
20 |
$ kamaki user authenticate |
21 |
... |
22 |
endpoints: |
23 |
SNF:uiURL: https://example.com/ui/ |
24 |
versionId: |
25 |
region: default |
26 |
publicURL: https://example.com/admin |
27 |
endpoints_links: |
28 |
type: admin |
29 |
name: cyclades_admin |
30 |
user: |
31 |
roles_links: |
32 |
id: s0m3-u53r-1d |
33 |
roles: |
34 |
id: 1 |
35 |
name: default |
36 |
name: Example User |
37 |
|
38 |
To authenticate other users, provide their token, as shown bellow: |
39 |
|
40 |
.. code-block:: console |
41 |
|
42 |
$ kamaki user add z01db3rgs-u53r-t0k3n |
43 |
... |
44 |
endpoints: |
45 |
SNF:uiURL: https://example.com/ui/ |
46 |
versionId: |
47 |
region: default |
48 |
publicURL: https://example.com/admin |
49 |
endpoints_links: |
50 |
type: admin |
51 |
name: cyclades_admin |
52 |
user: |
53 |
roles_links: |
54 |
id: z01db3rgs-u53r-1d |
55 |
roles: |
56 |
id: 1 |
57 |
name: default |
58 |
name: Dr. Harold Zoidberg |
59 |
$ kamaki user list |
60 |
s0m5-u53r-1d Example User |
61 |
z01db3rgs-u53r-1d Dr. Harold Zoidberg |
62 |
|
63 |
At any time, get the current user's information, or provide a user id for |
64 |
information on any existing user. In the following example, "Example User" is |
65 |
the current user, meaning that all kamaki commands will run for him/her. |
66 |
|
67 |
.. code-block:: console |
68 |
|
69 |
$ kamaki user info |
70 |
roles_links: |
71 |
id: s0m3-u53r-1d |
72 |
roles: |
73 |
id: 1 |
74 |
name: default |
75 |
name: Example User |
76 |
|
77 |
$ kamaki user info --uuid=z01db3rgs-u53r-1d |
78 |
roles_links: |
79 |
id: z01db3rgs-u53r-1d |
80 |
roles: |
81 |
id: 1 |
82 |
name: default |
83 |
name: EDr. Harold Zoidberg |
84 |
|
85 |
You can switch between authenticated users |
86 |
|
87 |
.. code-block:: console |
88 |
|
89 |
$ kamaki user select z01db3rgs-u53r-1d |
90 |
Are you sure? [y/N]: y |
91 |
|
92 |
Use the *uuid2name* and *name2uuid* commands to map uuids to usernames and vice |
93 |
versa. |
94 |
|
95 |
.. code-block:: console |
96 |
|
97 |
$ kamaki user uuid2name z01db3rgs-u53r-1d s0m3-u53r-1d |
98 |
z01db3rgs-u53r-1d: zoidberg@planetexpress.com |
99 |
s0m3-u53r-1d: someuser@example.com |
100 |
|
101 |
Quotas and resources |
102 |
-------------------- |
103 |
|
104 |
Each user is assigned a set of limits on various resources: |
105 |
|
106 |
.. code-block:: console |
107 |
|
108 |
$ kamaki quota list |
109 |
system: |
110 |
cyclades.disk: |
111 |
usage: 0B |
112 |
limit: 100GiB |
113 |
pending: 0B |
114 |
cyclades.vm: |
115 |
usage: 0 |
116 |
limit: 2 |
117 |
pending: 0 |
118 |
pithos.diskspace: |
119 |
usage: 5.11GiB |
120 |
limit: 50GiB |
121 |
pending: 0B |
122 |
cyclades.ram: |
123 |
usage: 0B |
124 |
limit: 8GiB |
125 |
pending: 0B |
126 |
cyclades.cpu: |
127 |
usage: 0 |
128 |
limit: 8 |
129 |
pending: 0 |
130 |
cyclades.network.private: |
131 |
usage: 0 |
132 |
limit: 5 |
133 |
pending: 0 |
134 |
|
135 |
If the information above is not clear, use *resource list* for descriptions |
136 |
fetched fresh from the server: |
137 |
|
138 |
.. code-block:: console |
139 |
|
140 |
$ kamaki resource list |
141 |
cyclades.disk: |
142 |
service: cyclades_compute |
143 |
description: Virtual machine disk size |
144 |
unit: bytes |
145 |
allow_in_projects: True |
146 |
cyclades.vm: |
147 |
service: cyclades_compute |
148 |
description: Number of virtual machines |
149 |
unit: None |
150 |
allow_in_projects: True |
151 |
pithos.diskspace: |
152 |
service: pithos_object-store |
153 |
description: Pithos account diskspace |
154 |
unit: bytes |
155 |
allow_in_projects: True |
156 |
cyclades.ram: |
157 |
service: cyclades_compute |
158 |
description: Virtual machine memory size |
159 |
unit: bytes |
160 |
allow_in_projects: True |
161 |
cyclades.cpu: |
162 |
service: cyclades_compute |
163 |
description: Number of virtual machine processors |
164 |
unit: None |
165 |
allow_in_projects: True |
166 |
cyclades.network.private: |
167 |
service: cyclades_compute |
168 |
description: Number of private networks |
169 |
unit: None |
170 |
allow_in_projects: True |
171 |
|
172 |
Projects |
173 |
-------- |
174 |
|
175 |
If the standard policy of a synnefo deployment does not meet the needs of an |
176 |
organization, they should make a request for a *synnefo project*. |
177 |
|
178 |
First, create a file with the project specification. The specification should |
179 |
be in json format, as described at the |
180 |
`project API <http://www.synnefo.org/docs/synnefo/latest/project-api-guide.html#create-a-project>`_ |
181 |
(see "Example request"). |
182 |
|
183 |
Let's request a project of 48 CPUs, with an 8 CPU limit per member. Also 200GB |
184 |
storage space per user, without a project limit. |
185 |
|
186 |
.. code-block:: console |
187 |
|
188 |
$ cat > my_project.txt |
189 |
{ |
190 |
"name": "My example project", |
191 |
"homepage": "http://www.exampleorganization.org", |
192 |
"description": "An example testing project", |
193 |
"comments": "We need more CPUs and more disk space", |
194 |
"end_date": "2031-02-13", |
195 |
"resources": { |
196 |
"cyclades.vm": { |
197 |
"project_capacity": 48, |
198 |
"member_capacity": 8 |
199 |
}, |
200 |
"pithos.diskspace": { |
201 |
"project_capacity": None, |
202 |
"member_capacity": 53687091200 |
203 |
} |
204 |
} |
205 |
} |
206 |
$ cat my_project.txt | kamaki project create |
207 |
|
208 |
List all the projects to see if our project is listed |
209 |
|
210 |
.. code-block:: console |
211 |
|
212 |
$ kamaki project list |
213 |
1 newtitle.film.example.com |
214 |
end_date: 2014-03-31T00:00:00+00:00 |
215 |
description: Our new film project |
216 |
join_policy: auto |
217 |
max_members: None |
218 |
applicant: s0m3-4pp1ic4n7 |
219 |
leave_policy: auto |
220 |
creation_date: 2013-01-31T09:36:04.061130+00:00 |
221 |
application: 4 |
222 |
state: active |
223 |
start_date: 2013-01-31T00:00:00+00:00 |
224 |
owner: s0m3-4pp1ic4n7 |
225 |
homepage: http://example.com/film |
226 |
resources: |
227 |
29 many.quotas |
228 |
end_date: 2013-12-12T00:00:00+00:00 |
229 |
description: I need more quotas |
230 |
join_policy: moderated |
231 |
max_members: 10 |
232 |
applicant: s0m3-u53r-1d |
233 |
leave_policy: auto |
234 |
creation_date: 2013-02-14T09:26:23.034177+00:00 |
235 |
application: 108 |
236 |
state: active |
237 |
start_date: 2013-02-14T00:00:00+00:00 |
238 |
owner: s0m3-u53r-1d |
239 |
homepage: http://example.com |
240 |
resources: |
241 |
cyclades.disk: |
242 |
member_capacity: 109951162777600 |
243 |
project_capacity: None |
244 |
cyclades.vm: |
245 |
member_capacity: 1000 |
246 |
project_capacity: None |
247 |
cyclades.cpu: |
248 |
member_capacity: 2000 |
249 |
project_capacity: None |
250 |
cyclades.ram: |
251 |
member_capacity: 4398046511104 |
252 |
project_capacity: None |
253 |
pithos.diskspace: |
254 |
member_capacity: 107374182400 |
255 |
project_capacity: None |
256 |
cyclades.floating_ip: |
257 |
member_capacity: 1000 |
258 |
project_capacity: None |
259 |
|
260 |
No, our project is not in the list yet, probably because we wait for (manual) |
261 |
authorization. |
262 |
|
263 |
To get information on a project: |
264 |
|
265 |
.. code-block:: console |
266 |
|
267 |
$ kamaki project info 29 |
268 |
name: many.quotas |
269 |
id: 29 |
270 |
end_date: 2013-12-12T00:00:00+00:00 |
271 |
description: I need more quotas |
272 |
join_policy: moderated |
273 |
max_members: 10 |
274 |
applicant: s0m3-u53r-1d |
275 |
leave_policy: auto |
276 |
creation_date: 2013-02-14T09:26:23.034177+00:00 |
277 |
application: 108 |
278 |
state: active |
279 |
start_date: 2013-02-14T00:00:00+00:00 |
280 |
owner: s0m3-u53r-1d |
281 |
homepage: http://example.com |
282 |
resources: |
283 |
cyclades.disk: |
284 |
member_capacity: 109951162777600 |
285 |
project_capacity: None |
286 |
cyclades.vm: |
287 |
member_capacity: 1000 |
288 |
project_capacity: None |
289 |
cyclades.cpu: |
290 |
member_capacity: 2000 |
291 |
project_capacity: None |
292 |
cyclades.ram: |
293 |
member_capacity: 4398046511104 |
294 |
project_capacity: None |
295 |
pithos.diskspace: |
296 |
member_capacity: 107374182400 |
297 |
project_capacity: None |
298 |
cyclades.floating_ip: |
299 |
member_capacity: 1000 |
300 |
project_capacity: None |
301 |
|
302 |
Project membership |
303 |
------------------ |
304 |
|
305 |
Assuming that our project has been approved and assigned the id 42, we can now |
306 |
see its details and assign users to benefit from it. |
307 |
|
308 |
.. code-block:: console |
309 |
|
310 |
$ kamaki project info 42 |
311 |
name: My example project |
312 |
id: 42 |
313 |
end_date: 2031-02-13T00:00:00+00:00 |
314 |
description: An example testing project |
315 |
commends: We need more CPUs and more disk space |
316 |
join_policy: moderated |
317 |
applicant: s0m3-u53r-1d |
318 |
leave_policy: auto |
319 |
creation_date: <NOW> |
320 |
application: 109 |
321 |
state: active |
322 |
start_date: <NOW> |
323 |
owner: s0m3-u53r-1d |
324 |
homepage: http://example.com |
325 |
resources: |
326 |
cyclades.disk: |
327 |
member_capacity: 107374182400 |
328 |
project_capacity: None |
329 |
cyclades.vm: |
330 |
member_capacity: 2 |
331 |
project_capacity: None |
332 |
cyclades.cpu: |
333 |
member_capacity: 8 |
334 |
project_capacity: 48 |
335 |
cyclades.ram: |
336 |
member_capacity: 6442450944 |
337 |
project_capacity: None |
338 |
pithos.diskspace: |
339 |
member_capacity: 53687091200 |
340 |
project_capacity: None |
341 |
cyclades.floating_ip: |
342 |
member_capacity: 2 |
343 |
project_capacity: None |
344 |
|
345 |
Great! Now, we should allow some users to benefit from this project: |
346 |
|
347 |
.. code-block:: console |
348 |
|
349 |
$ kamaki membership enroll 42 my_favorite@user.example.com |
350 |
Membership id: 128345 |
351 |
$ kamaki membership enroll 42 that_guy@user.example.com |
352 |
Membership id: 128346 |
353 |
$ kamaki membership list --with-project-id=42 |
354 |
128345 |
355 |
42 my_favorite@user.example.com OK |
356 |
238346 |
357 |
42 that_guy@user.example.com OK |
358 |
|
359 |
We changed our minds: we don't want the last user to be part of the project: |
360 |
|
361 |
.. code-block:: console |
362 |
|
363 |
$ kamaki membership remove 238346 "Our cooperation was not productive" |
364 |
|
365 |
Later, the removed user attempts to apply for our project: |
366 |
|
367 |
.. code-block:: console |
368 |
|
369 |
that_guy$ kamaki membership join 42 |
370 |
|
371 |
We may reject his application: |
372 |
|
373 |
.. code-block:: console |
374 |
|
375 |
$ kamaki memebrship list |
376 |
128345 |
377 |
42 my_favorite@user.example.com OK |
378 |
238347 |
379 |
42 that_guy@user.example.com PENDING |
380 |
$ kamaki membership reject 238347 "Not in need of a new partner" |
381 |
|
382 |
or accept: |
383 |
|
384 |
.. code-block:: console |
385 |
|
386 |
$ kamaki membership accept 238347 |
387 |
|
388 |
In the later case, the user decided to leave the project: |
389 |
|
390 |
.. code-block:: console |
391 |
|
392 |
that_guy$ kamaki membership leave 42 |