CloudStack Support in Apache libcloud
原文作者:Mark Hinkle
原文地址:https://dzone.com/articles/cloudstack-support-apache
译者:微博@从流域到海域
译者博客:blog.csdn.net/solo95
本文同样刊载于腾讯云+:
https://cloud.tencent.com/developer/article/1015316
Apache libcloud中对CloudStack支持
Curator’s Not:这篇文章的内容是由Sebastien Goasguen在Build a Cloud博客_撰写的。(Curator本意是指博物馆的策划展览人,在Apache的世界中是指其公司下zookeeper的一个Java/JVM的客户端库具体请参考:https://curator.apache.org/,译者注。)
对于0.13版本的libcloud开发列表已经开始投票了。版本发行说明中详细介绍了所有的新功能和bug修复。我对此很感兴趣,因为我提交的一些补丁包含在这个候选版本中。我修补了 CloudStack 的驱动程序,以便像Exoscale那样用一个基本空间(basic zone)改善对云的支持 。这个驱动程序还有更多的工作要做,包括更好地支持高级空间(Advanced zone),特别是端口转发,防火墙规则 和更多的单元测试。上个星期天CloudStack hackathon的用户@pst418提交了一些单元测试的的补丁,他们也把它变成了0.13 RC版本,真是太棒了。
以便你不知道libcloud,它是一个基于Python的API包装来对各种云API进行抽象。通过使用libcloud,您可以创建连接到多个云,这些云可以使用不同的API。在较高的层面上,它与jclouds for JAVA或者用ruby编写的deltacloud相似。其实已经有一个CloudStack驱动程序了,但其功能是有限的。如果你使用我的quickie libcloud shell脚本,你可以尝试使用libcloud和CloudStack的基本区域(basic zone)进行这个演练。当然你需要一个CloudStack终端。
启动libshell并检查您所在的区域(zone):
$ python ./libshell.py
Hello LibCloud Shell !!
You are running at: https://api.exoscale.ch/compute
>>> conn.list_locations()
[<NodeLocation: id=1128bd56-b4d9-4ac6-a7b9-c715b187ce11, name=CH-GV2, country=AU, driver=CloudStack>]
你可能会注意到一个错误的国家代码,它是在libcloud上写死的硬编码(hard code),我需要为此提交一个bug。获取模板列表(或libcloud中的图片):
>>> conn.list_images()
[<NodeImage: id=01df77c3-0150-412a-a580-413a50924a18, name=Windows Server 2008 R2 SP1, driver=CloudStack ...>,
<NodeImage: id=89ee852c-a5f5-4ab9-a311-89f39d133e88, name=Windows Server 2008 R2 SP1, driver=CloudStack ...>,
<NodeImage: id=ccd142ec-83e3-4108-b1c5-8e1fdb353ff9, name=Windows Server 2008 R2 SP1, driver=CloudStack ...>, <NodeImage: id=f2101a0c-eaf7-4760-a143-0a5c940fd864, name=Windows Server 2008 R2 SP1, driver=CloudStack ...>, <NodeImage: id=77d32782-6866-43d4-9524-6fe346594d09, name=CentOS 5.5(64-bit) no GUI (KVM), driver=CloudStack ...>,
<NodeImage: id=29cba09f-4569-4bb3-95e7-71f833876e3e, name=Windows Server 2012, driver=CloudStack ...>,
<NodeImage: id=ee241b47-4303-40c8-af58-42ed6bf09f8c, name=Windows Server 2012, driver=CloudStack ...>,
<NodeImage: id=754ea486-d649-49e5-a70e-5e5d458f0df0, name=Windows Server 2012, driver=CloudStack ...>,
<NodeImage: id=0f9f4f49-afc2-4139-b26b-b05a9f51ea74, name=Windows Server 2012, driver=CloudStack ...>,
<NodeImage: id=954752a8-0486-46bb-8e3f-0adb3e01c619, name=Linux CentOS 6.4 64-bit, driver=CloudStack ...<]
我降低了以前的输出(output),但是在这个云上也有Ubuntu和CentOS镜像…然后你可以在libcloud中列出不同类型或者大小的实例。
>>> conn.list_sizes()
[<NodeSize:id = 71004023-bb72-4a97-b1e9-bc66dfce9470,name = Micro,ram = 512 disk = 0 bandwidth = 0 price = 0 driver = CloudStack ...>
<NodeSize:id = b6cd1ff5-3a2f-4e9d-a4d1-8988c1191fe8,name = Tiny,ram = 1024 disk = 0 bandwidth = 0 price = 0 driver = CloudStack ...>
<NodeSize:id = 21624abb-764e-4def-81d7-9fc54b5957fb,name = Small,ram = 2048 disk = 0 bandwidth = 0 price = 0 driver = CloudStack ...>
<NodeSize:id = b6e9d1e8-89fc-4db3-aaa4-9b4c5b1d0844,name = Medium,ram = 4096 disk = 0 bandwidth = 0 price = 0 driver = CloudStack ...>
<NodeSize:id = c6f99499-7f59-4138-9427-a09db13af2bc,name = Large,ram = 8182 disk = 0 bandwidth = 0 price = 0 driver = CloudStack ...>
<NodeSize:id = 350dc5ea-fe6d-42ba-b6c0-efb8b75617ad,name = Extra-large,ram = 16384 disk = 0 bandwidth = 0 price = 0 driver = CloudStack ...>
<NodeSize:id = a216b0d1-370f-4e21-a0eb-3dfc6302b564,name = Huge,ram = 32184 disk = 0 bandwidth = 0 price = 0 driver = CloudStack ...>]
我添加的是ssh密钥对和安全组的管理,您现在可以列出,创建和删除密钥对和安全组,并在部署节点时使用这些密钥对和安全组。(不要试图用下面的键做任何事情,我删除了所有东西。)
>>> conn.ex_list_keypairs()
[{u'name': u'foobar', u'fingerprint': u'b9:2d:4b:07:db:e7:3e:42:17:11:22:33:44:55:66:77'}]
>>> conn.ex_list_security_groups()
[{u'egressrule': [], u'account': u'
foobar@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'description': u'Default Security Group', u'tags': [], u'domain': u'
foobar@gmail.com', u'ingressrule': [{u'startport': 22, u'cidr': u'0.0.0.0/0', u'protocol': u'tcp', u'endport': 22, u'ruleid': u'b83428c0-7f4c-44d1-bc96-4e1720168fdf'}, {u'startport': 80, u'cidr': u'0.0.0.0/0', u'protocol': u'tcp', u'endport': 80, u'ruleid': u'042124dd-652d-4fa2-8bee-d69973380f21'}], u'id': u'ebfa2339-e9ae-4dcb-b73c-a76cd3fce39e', u'name': u'default'}, {u'account': u'
foobar@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'description': u'this is a test', u'domain': u'
foobar@gmail.com', u'id': u'b7f5fbad-4244-491f-9547-c91a010e0c9d', u'name': u'toto'}]
>>> conn.ex_create_keypair('test')
{u'privateKey': u'-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCAuPufJnbzFkyIUaMymkXwfilA5qS2J9fx2Q3EWNDs1m89FLFq
19ERjG43ZvRuI/KGwWZwHbhqoqJth7WQYNelYCmOUYRaepxTrpU4TGDGuhqMh9D9
oNMIFx3ktkcTitxkSY/5h/pXqSB2XXURLpZWwZxjEYwWCpWE8i7uVtIR7wIDAQAB
AoGAOv0Kik9lOVbhsaK/yAO8w039d7l6h+NQaYtPbMhKzg4iofomp9DJBWK2a3sp
zoN4s9pTKFPmXC+1gb4sLULD72ENSgyozrPMCJ0tytNa3ebVCCYDvlagEZ83KwGn
nr2BIRLul1xyHVa+amvTemuxi7OOx0u/0aZ6jPVW9ocPahkCQQDnUACG3Q2p60Mx
CttW7Go2wz0BhaI8ibG8rHorhdrFJUrsTI6QrLh340uHCIEAuWUXjYDX2u5MTPBG
jWbL/A/9AkEAjnX8EzO/B/RooFTxhYdxv7D1Dzcx4H59mFzjez6N/mjAHjKL4p66
qGFgLa9HMhDPFOs83VetBXcihu1vueffWwJBALQUD2TvAS0wz82FYz8nrITXuE3Q
CH7Sv8FgEXiCq89hehO+ghrVrIMBPBJzJ2M18iLE8fKaKXzTRRfYC5hwss0CQHY8
BdIKCGoZtxwaY7lnCEkIHNtb+9FOKf7iWQpYiJC1b32ghei3xEMrTh+ccYJj4PqD
oigyNC9tCQLi3O92OjECQGYR2z8IDlfnl7G8p7eiyBciuoDyyq5/oJHhkHbkbwzrnW0Uun+rEcjRnXbUN8wUQ6FSFrxk2VSajbCBteTOrF24=
-----END RSA PRIVATE KEY-----
', u'name': u'test', u'fingerprint': u'43:59:7e:00:16:45:fc:ab:81:55:03:47:12:22:1e:d5'}
>>> conn.ex_list_keypairs()
[{u'name': u'test', u'fingerprint': u'43:59:7e:00:16:45:fc:ab:81:55:03:47:12:22:1e:d5'}, {u'name': u'foobar', u'fingerprint': u'b9:2d:4b:07:db:e7:3e:42:17:11:22:33:44:55:66:77'}]
>>> conn.ex_delete_keypair('test')
u'true'
>>> conn.ex_list_keypairs()
[{u'name': u'foobar', u'fingerprint': u'b9:2d:4b:07:db:e7:3e:42:17:11:22:33:44:55:66:77'}]
>>> conn.ex_create_security_group('heyhey')
{u'account': u'
runseb@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'id': u'77ad73b5-a383-4e13-94be-a38ef9877996', u'domain': u'
runseb@gmail.com', u'name': u'heyhey'}
>>> conn.ex_list_security_groups()
[{u'egressrule': [], u'account': u'
foobar@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'description': u'Default Security Group', u'tags': [], u'domain': u'
foobar@gmail.com', u'ingressrule': [{u'startport': 22, u'cidr': u'0.0.0.0/0', u'protocol': u'tcp', u'endport': 22, u'ruleid': u'b83428c0-7f4c-44d1-bc96-4e1720168fdf'}, {u'startport': 80, u'cidr': u'0.0.0.0/0', u'protocol': u'tcp', u'endport': 80, u'ruleid': u'042124dd-652d-4fa2-8bee-d69973380f21'}], u'id': u'ebfa2339-e9ae-4dcb-b73c-a76cd3fce39e', u'name': u'default'}, {u'account': u'
foobar@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'description': u'this is a test', u'domain': u'
foobar@gmail.com', u'id': u'b7f5fbad-4244-491f-9547-c91a010e0c9d', u'name': u'toto'}, {u'account': u'
foobar@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'id': u'77ad73b5-a383-4e13-94be-a38ef9877996', u'domain': u'
foobar@gmail.com', u'name': u'heyhey'}]
>>> conn.ex_delete_security_group('heyhey')
u'true'
>>> conn.ex_list_security_groups()
[{u'egressrule': [], u'account': u'
runseb@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'description': u'Default Security Group', u'tags': [], u'domain': u'
foobar@gmail.com', u'ingressrule': [{u'startport': 22, u'cidr': u'0.0.0.0/0', u'protocol': u'tcp', u'endport': 22, u'ruleid': u'b83428c0-7f4c-44d1-bc96-4e1720168fdf'}, {u'startport': 80, u'cidr': u'0.0.0.0/0', u'protocol': u'tcp', u'endport': 80, u'ruleid': u'042124dd-652d-4fa2-8bee-d69973380f21'}], u'id': u'ebfa2339-e9ae-4dcb-b73c-a76cd3fce39e', u'name': u'default'}, {u'account': u'
foobar@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'description': u'this is a test', u'domain': u'
foobar@gmail.com', u'id': u'b7f5fbad-4244-491f-9547-c91a010e0c9d', u'name': u'toto'}]
创建安全组后,您现在可以添加准入规则(或者译作入口规则):
>>> conn.ex_authorize_security_group_ingress(securitygroupname='toto',protocol='TCP',cidrlist='0.0.0.0./0',startport=99)
{u'egressrule': [], u'account': u'
foobar@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'description': u'this is a test', u'domain': u'
foobar@gmail.com', u'ingressrule': [{u'startport': 99, u'cidr': u'0.0.0.0./0', u'protocol': u'tcp', u'endport': 99, u'ruleid': u'a13a21f9-1709-431f-9c7d-e1a2c2caacdd'}], u'id': u'b7f5fbad-4244-491f-9547-c91a010e0c9d', u'name': u'toto'}
>>> conn.ex_list_security_groups()
[{u'egressrule': [], u'account': u'
foobar@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'description': u'Default Security Group', u'tags': [], u'domain': u'
foobar@gmail.com', u'ingressrule': [{u'startport': 22, u'cidr': u'0.0.0.0/0', u'protocol': u'tcp', u'endport': 22, u'ruleid': u'b83428c0-7f4c-44d1-bc96-4e1720168fdf'}, {u'startport': 80, u'cidr': u'0.0.0.0/0', u'protocol': u'tcp', u'endport': 80, u'ruleid': u'042124dd-652d-4fa2-8bee-d69973380f21'}], u'id': u'ebfa2339-e9ae-4dcb-b73c-a76cd3fce39e', u'name': u'default'}, {u'egressrule': [], u'account': u'
foobar@gmail.com', u'domainid': u'ab53d864-6f78-4993-bb28-9b8667b535a1', u'description': u'this is a test', u'tags': [], u'domain': u'
foobar@gmail.com', u'ingressrule': [{u'startport': 99, u'cidr': u'0.0.0.0./0', u'protocol': u'tcp', u'endport': 99, u'ruleid': u'a13a21f9-1709-431f-9c7d-e1a2c2caacdd'}], u'id': u'b7f5fbad-4244-491f-9547-c91a010e0c9d', u'name': u'toto'}]
好了,密钥对和安全组正常工作。现在让我们实践基础知识启动一个实例,我们暂时测试一下不在Driver中的暂停和恢复。没有什么惊天动地的,但这是一个改进。
>>> size=conn.list_sizes()
>>> image=conn.list_images()
>>> n=conn.create_node(name='yoyo',size=size[0],image=image[0])
>>> n.ex_stop()
u'Stopped'
>>> n.ex_start()
u'Running'
而现在,对CloudStack支持正在变得越来越好,但还有很多工作要做:改进对高级区域(Advance zone)的支持,检查负载平衡器和存储支持,增加单元测试和新的CloudStack功能特性,如自动缩放。请继续加油!!!!