#!/usr/bin/env python3 # pvc-api.py - PVC HTTP API interface # Part of the Parallel Virtual Cluster (PVC) system # # Copyright (C) 2018-2019 Joshua M. Boniface # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # ############################################################################### import flask import json import yaml import os import distutils.util import gevent.pywsgi import celery as Celery import api_lib.pvcapi_helper as api_helper import api_lib.pvcapi_provisioner as api_provisioner # Parse the configuration file try: pvc_config_file = os.environ['PVC_CONFIG_FILE'] except: print('Error: The "PVC_CONFIG_FILE" environment variable must be set before starting pvc-api.') exit(1) print('Starting PVC API daemon') # Read in the config try: with open(pvc_config_file, 'r') as cfgfile: o_config = yaml.load(cfgfile) except Exception as e: print('ERROR: Failed to parse configuration file: {}'.format(e)) exit(1) try: # Create the config object config = { 'debug': o_config['pvc']['debug'], 'coordinators': o_config['pvc']['coordinators'], 'listen_address': o_config['pvc']['api']['listen_address'], 'listen_port': int(o_config['pvc']['api']['listen_port']), 'auth_enabled': o_config['pvc']['api']['authentication']['enabled'], 'auth_secret_key': o_config['pvc']['api']['authentication']['secret_key'], 'auth_tokens': o_config['pvc']['api']['authentication']['tokens'], 'ssl_enabled': o_config['pvc']['api']['ssl']['enabled'], 'ssl_key_file': o_config['pvc']['api']['ssl']['key_file'], 'ssl_cert_file': o_config['pvc']['api']['ssl']['cert_file'], 'database_host': o_config['pvc']['provisioner']['database']['host'], 'database_port': int(o_config['pvc']['provisioner']['database']['port']), 'database_name': o_config['pvc']['provisioner']['database']['name'], 'database_user': o_config['pvc']['provisioner']['database']['user'], 'database_password': o_config['pvc']['provisioner']['database']['pass'], 'queue_host': o_config['pvc']['provisioner']['queue']['host'], 'queue_port': o_config['pvc']['provisioner']['queue']['port'], 'queue_path': o_config['pvc']['provisioner']['queue']['path'], 'storage_hosts': o_config['pvc']['provisioner']['ceph_cluster']['storage_hosts'], 'storage_domain': o_config['pvc']['provisioner']['ceph_cluster']['storage_domain'], 'ceph_monitor_port': o_config['pvc']['provisioner']['ceph_cluster']['ceph_monitor_port'], 'ceph_storage_secret_uuid': o_config['pvc']['provisioner']['ceph_cluster']['ceph_storage_secret_uuid'] } # Use coordinators as storage hosts if not explicitly specified if not config['storage_hosts']: config['storage_hosts'] = config['coordinators'] # Set the config object in the api_helper namespace api_helper.config = config # Set the config object in the api_provisioner namespace api_provisioner.config = config except Exception as e: print('ERROR: {}.'.format(e)) exit(1) api = flask.Flask(__name__) api.config['CELERY_BROKER_URL'] = 'redis://{}:{}{}'.format(config['queue_host'], config['queue_port'], config['queue_path']) api.config['CELERY_RESULT_BACKEND'] = 'redis://{}:{}{}'.format(config['queue_host'], config['queue_port'], config['queue_path']) if config['debug']: api.config['DEBUG'] = True if config['auth_enabled']: api.config["SECRET_KEY"] = config['auth_secret_key'] celery = Celery.Celery(api.name, broker=api.config['CELERY_BROKER_URL']) celery.conf.update(api.config) # Authentication decorator function def authenticator(function): def authenticate(*args, **kwargs): # No authentication required if not config['auth_enabled']: return function(*args, **kwargs) # Session-based authentication if 'token' in flask.session: return function(*args, **kwargs) # Key header-based authentication if 'X-Api-Key' in flask.request.headers: if any(token for token in secret_tokens if flask.request.headers.get('X-Api-Key') == token): return function(*args, **kwargs) else: return "X-Api-Key Authentication failed\n", 401 # All authentications failed return "X-Api-Key Authentication required\n", 401 authenticate.__name__ = function.__name__ return authenticate # # Job functions # @celery.task(bind=True) def create_vm(self, vm_name, profile_name): return api_provisioner.create_vm(self, vm_name, profile_name) ########################################################## # API Root/Authentication ########################################################## @api.route('/api/v1', methods=['GET']) def api_root(): return flask.jsonify({"message":"PVC API version 1"}), 209 @api.route('/api/v1/auth/login', methods=['GET', 'POST']) def api_auth_login(): # Just return a 200 if auth is disabled if not config['auth_enabled']: return flask.jsonify({"message":"Authentication is disabled."}), 200 if flask.request.method == 'GET': return '''

Enter your authentication token:

''' if flask.request.method == 'POST': if any(token for token in config['auth_tokens'] if flask.request.values['token'] in token['token']): flask.session['token'] = flask.request.form['token'] return flask.redirect(flask.url_for('api_root')) else: return flask.jsonify({"message":"Authentication failed"}), 401 @api.route('/api/v1/auth/logout', methods=['GET', 'POST']) def api_auth_logout(): # Just return a 200 if auth is disabled if not config['auth_enabled']: return flask.jsonify({"message":"Authentication is disabled."}), 200 # remove the username from the session if it's there flask.session.pop('token', None) return flask.redirect(flask.url_for('api_root')) ########################################################## # Cluster API ########################################################## # # Node endpoints # @api.route('/api/v1/node', methods=['GET']) @authenticator def api_node_root(): # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None return api_helper.node_list(limit) @api.route('/api/v1/node/', methods=['GET']) @authenticator def api_node_element(node): # Same as specifying /node?limit=NODE return api_helper.node_list(node) @api.route('/api/v1/node//daemon-state', methods=['GET']) @authenticator def api_node_daemon_state(node): if flask.request.method == 'GET': return api_helper.node_daemon_state(node) @api.route('/api/v1/node//coordinator-state', methods=['GET', 'POST']) @authenticator def api_node_coordinator_state(node): if flask.request.method == 'GET': return api_helper.node_coordinator_state(node) if flask.request.method == 'POST': if not 'coordinator-state' in flask.request.values: flask.abort(400) new_state = flask.request.values['coordinator-state'] if new_state == 'primary': return api_helper.node_primary(node) if new_state == 'secondary': return api_helper.node_secondary(node) flask.abort(400) @api.route('/api/v1/node//domain-state', methods=['GET', 'POST']) @authenticator def api_node_domain_state(node): if flask.request.method == 'GET': return api_helper.node_domain_state(node) if flask.request.method == 'POST': if not 'domain-state' in flask.request.values: flask.abort(400) new_state = flask.request.values['domain-state'] if new_state == 'ready': return api_helper.node_ready(node) if new_state == 'flush': return api_helper.node_flush(node) flask.abort(400) # # VM endpoints # @api.route('/api/v1/vm', methods=['GET', 'POST']) @authenticator def api_vm_root(): if flask.request.method == 'GET': # Get node limit if 'node' in flask.request.values: node = flask.request.values['node'] else: node = None # Get state limit if 'state' in flask.request.values: state = flask.request.values['state'] else: state = None # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None return api_helper.vm_list(node, state, limit) if flask.request.method == 'POST': # Get XML data if 'xml' in flask.request.values: libvirt_xml = flask.request.values['xml'] else: return flask.jsonify({"message":"ERROR: A Libvirt XML document must be specified."}), 400 # Get node name if 'node' in flask.request.values: node = flask.request.values['node'] else: node = None # Set target limit metadata if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None # Set target selector metadata if 'selector' in flask.request.values: selector = flask.request.values['selector'] else: selector = 'mem' # Set target autostart metadata if 'autostart' in flask.request.values: autostart = True else: autostart = False return api_helper.vm_define(vm, libvirt_xml, node, selector) @api.route('/api/v1/vm/', methods=['GET', 'POST', 'PUT', 'DELETE']) @authenticator def api_vm_element(vm): if flask.request.method == 'GET': # Same as specifying /vm?limit=VM return api_helper.vm_list(None, None, vm, is_fuzzy=False) if flask.request.method == 'POST': # Set target limit metadata if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None # Set target selector metadata if 'selector' in flask.request.values: selector = flask.request.values['selector'] else: selector = None # Set target autostart metadata if 'no-autostart' in flask.request.values: autostart = False elif 'autostart' in flask.request.values: autostart = True else: autostart = None return api_helper.vm_meta(vm, limit, selector, autostart) if flask.request.method == 'PUT': libvirt_xml = flask.request.data if 'restart' in flask.request.values and flask.request.values['restart']: flag_restart = True else: flag_restart = False return api_helper.vm_modify(vm, flag_restart, libvirt_xml) if flask.request.method == 'DELETE': if 'delete_disks' in flask.request.values and flask.request.values['delete_disks']: return api_helper.vm_remove(vm) else: return api_helper.vm_undefine(vm) @api.route('/api/v1/vm//state', methods=['GET', 'POST']) @authenticator def api_vm_state(vm): if flask.request.method == 'GET': return api_helper.vm_state(vm) if flask.request.method == 'POST': if not 'state' in flask.request.values: flask.abort(400) new_state = flask.request.values['state'] if new_state == 'start': return api_helper.vm_start(vm) if new_state == 'shutdown': return api_helper.vm_shutdown(vm) if new_state == 'stop': return api_helper.vm_stop(vm) if new_state == 'restart': return api_helper.vm_restart(vm) flask.abort(400) @api.route('/api/v1/vm//node', methods=['GET', 'POST']) @authenticator def api_vm_node(vm): if flask.request.method == 'GET': return api_helper.vm_node(vm) if flask.request.method == 'POST': if 'action' in flask.request.values: action = flask.request.values['action'] else: flask.abort(400) # Get node name if 'node' in flask.request.values: node = flask.request.values['node'] else: node = None # Get permanent flag if 'permanent' in flask.request.values and flask.request.values['permanent']: flag_permanent = True else: flag_permanent = False # Get force flag if 'force' in flask.request.values and flask.request.values['force']: flag_force = True else: flag_force = False # Check if VM is presently migrated is_migrated = api_helper.vm_is_migrated(vm) if action == 'migrate' and not flag_permanent: return api_helper.vm_migrate(vm, node, flag_force) if action == 'migrate' and flag_permanent: return api_helper.vm_move(vm, node) if action == 'unmigrate' and is_migrated: return api_helper.vm_unmigrate(vm) flask.abort(400) @api.route('/api/v1/vm//locks', methods=['GET', 'POST']) @authenticator def api_vm_locks(vm): if flask.request.method == 'GET': return "Not implemented", 400 if flask.request.method == 'POST': return api_helper.vm_flush_locks(vm) # # Network endpoints # @api.route('/api/v1/network', methods=['GET', 'POST']) @authenticator def api_net_root(): if flask.request.method == 'GET': # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None return api_helper.net_list(limit) if flask.request.method == 'POST': # Get network VNI if 'vni' in flask.request.values: vni = flask.request.values['vni'] else: return flask.jsonify({"message":"ERROR: A VNI must be specified for the virtual network."}), 520 # Get network description if 'description' in flask.request.values: description = flask.request.values['vni'] else: return flask.jsonify({"message":"ERROR: A VNI must be specified for the virtual network."}), 520 # Get network type if 'nettype' in flask.request.values: nettype = flask.request.values['nettype'] if not 'managed' in nettype and not 'bridged' in nettype: return flask.jsonify({"message":"ERROR: A valid nettype must be specified: 'managed' or 'bridged'."}), 520 else: return flask.jsonify({"message":"ERROR: A nettype must be specified for the virtual network."}), 520 # Get network domain if 'domain' in flask.request.values: domain = flask.request.values['domain'] else: domain = None # Get network name servers if 'name_server' in flask.request.values: name_servers = flask.request.values.getlist('name_server') else: name_servers = None # Get ipv4 network if 'ip4_network' in flask.request.values: ip4_network = flask.request.values['ip4_network'] else: ip4_network = None # Get ipv4 gateway if 'ip4_gateway' in flask.request.values: ip4_gateway = flask.request.values['ip4_gateway'] else: ip4_gateway = None # Get ipv6 network if 'ip6_network' in flask.request.values: ip6_network = flask.request.values['ip6_network'] else: ip6_network = None # Get ipv6 gateway if 'ip6_gateway' in flask.request.values: ip6_gateway = flask.request.values['ip6_gateway'] else: ip6_gateway = None # Get ipv4 DHCP flag if 'dhcp4' in flask.request.values and flask.request.values['dhcp4']: dhcp4_flag = True else: dhcp4_flag = False # Get ipv4 DHCP start if 'dhcp4_start' in flask.request.values: dhcp4_start = flask.request.values['dhcp4_start'] else: dhcp4_start = None # Get ipv4 DHCP end if 'dhcp4_end' in flask.request.values: dhcp4_end = flask.request.values['dhcp4_end'] else: dhcp4_end = None return api_helper.net_add(vni, description, nettype, domain, name_servers, ip4_network, ip4_gateway, ip6_network, ip6_gateway, dhcp4_flag, dhcp4_start, dhcp4_end) @api.route('/api/v1/network/', methods=['GET', 'PUT', 'DELETE']) @authenticator def api_net_element(network): # Same as specifying /network?limit=NETWORK if flask.request.method == 'GET': return api_helper.net_list(network) if flask.request.method == 'PUT': # Get network description if 'description' in flask.request.values: description = flask.request.values['description'] else: description = None # Get network domain if 'domain' in flask.request.values: domain = flask.request.values['domain'] else: domain = None # Get network name servers if 'name_server' in flask.request.values: name_servers = flask.request.values.getlist('name_server') else: name_servers = None # Get ipv4 network if 'ip4_network' in flask.request.values: ip4_network = flask.request.values['ip4_network'] else: ip4_network = None # Get ipv4 gateway if 'ip4_gateway' in flask.request.values: ip4_gateway = flask.request.values['ip4_gateway'] else: ip4_gateway = None # Get ipv6 network if 'ip6_network' in flask.request.values: ip6_network = flask.request.values['ip6_network'] else: ip6_network = None # Get ipv6 gateway if 'ip6_gateway' in flask.request.values: ip6_gateway = flask.request.values['ip6_gateway'] else: ip6_gateway = None # Get ipv4 DHCP flag if 'dhcp4' in flask.request.values and flask.request.values['dhcp4']: dhcp4_flag = True else: dhcp4_flag = False # Get ipv4 DHCP start if 'dhcp4_start' in flask.request.values: dhcp4_start = flask.request.values['dhcp4_start'] else: dhcp4_start = None # Get ipv4 DHCP end if 'dhcp4_end' in flask.request.values: dhcp4_end = flask.request.values['dhcp4_end'] else: dhcp4_end = None return api_helper.net_modify(network, description, domain, name_servers, ip4_network, ip4_gateway, ip6_network, ip6_gateway, dhcp4_flag, dhcp4_start, dhcp4_end) if flask.request.method == 'DELETE': return api_helper.net_remove(network) @api.route('/api/v1/network//lease', methods=['GET', 'POST']) @authenticator def api_net_lease_root(network): if flask.request.method == 'GET': # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None # Get static-only flag if 'static' in flask.request.values and flask.request.values['static']: flag_static = True else: flag_static = False return api_helper.net_dhcp_list(network, limit. flag_static) if flask.request.method == 'POST': # Get lease macaddr if 'macaddress' in flask.request.values: macaddress = flask.request.values['macaddress'] else: return flask.jsonify({"message":"ERROR: An IP address must be specified for the lease."}), 400 # Get lease ipaddress if 'ipaddress' in flask.request.values: ipaddress = flask.request.values['ipaddress'] else: return flask.jsonify({"message":"ERROR: An IP address must be specified for the lease."}), 400 # Get lease hostname if 'hostname' in flask.request.values: hostname = flask.request.values['hostname'] else: hostname = None return api_helper.net_dhcp_add(network, ipaddress, lease, hostname) @api.route('/api/v1/network//lease/', methods=['GET', 'DELETE']) @authenticator def api_net_lease_element(network, lease): if flask.request.method == 'GET': # Same as specifying /network?limit=NETWORK return api_helper.net_dhcp_list(network, lease, False) if flask.request.method == 'DELETE': return api_helper.net_dhcp_remove(network, lease) @api.route('/api/v1/network//acl', methods=['GET', 'POST']) @authenticator def api_net_acl_root(network): if flask.request.method == 'GET': # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None # Get direction limit if 'direction' in flask.request.values: direction = flask.request.values['direction'] if not 'in' in direction and not 'out' in direction: return flash.jsonify({"message":"ERROR: Direction must be either 'in' or 'out'; for both, do not specify a direction."}), 400 else: direction = None return api_helper.net_acl_list(network, limit, direction) if flask.request.method == 'POST': # Get ACL description if 'description' in flask.request.values: description = flask.request.values['description'] else: return flask.jsonify({"message":"ERROR: A description must be provided."}), 400 # Get rule direction if 'direction' in flask.request.values: direction = flask.request.values['limit'] if not 'in' in direction and not 'out' in direction: return flask.jsonify({"message":"ERROR: Direction must be either 'in' or 'out'."}), 400 else: return flask.jsonify({"message":"ERROR: A direction must be specified for the ACL."}), 400 # Get rule data if 'rule' in flask.request.values: rule = flask.request.values['rule'] else: return flask.jsonify({"message":"ERROR: A valid NFT rule line must be specified for the ACL."}), 400 # Get order value if 'order' in flask.request.values: order = flask.request.values['order'] else: order = None return api_helper.net_acl_add(network, direction, acl, rule, order) @api.route('/api/v1/network//acl/', methods=['GET', 'DELETE']) @authenticator def api_net_acl_element(network, acl): if flask.request.method == 'GET': # Same as specifying /network?limit=NETWORK return api_helper.net_acl_list(network, acl, None) if flask.request.method == 'DELETE': # Get rule direction if 'direction' in flask.request.values: direction = flask.request.values['limit'] if not 'in' in direction and not 'out' in direction: return flask.jsonify({"message":"ERROR: Direction must be either 'in' or 'out'."}), 400 else: return flask.jsonify({"message":"ERROR: A direction must be specified for the ACL."}), 400 return api_helper.net_acl_remove(network, direction, acl) # # Storage (Ceph) endpoints # # Note: The prefix `/storage` allows future potential storage subsystems. # Since Ceph is the only section not abstracted by PVC directly # (i.e. it references Ceph-specific concepts), this makes more # sense in the long-term. # @api.route('/api/v1/storage', methods=['GET']) def api_storage(): return flask.jsonify({"message":"Manage the storage of the PVC cluster."}), 200 @api.route('/api/v1/storage/ceph', methods=['GET']) @api.route('/api/v1/storage/ceph/status', methods=['GET']) @authenticator def api_ceph_status(): return api_helper.ceph_status() @api.route('/api/v1/storage/ceph/df', methods=['GET']) @authenticator def api_ceph_radosdf(): return api_helper.ceph_radosdf() @api.route('/api/v1/storage/ceph/cluster-option', methods=['POST']) @authenticator def api_ceph_cluster_option(): if flask.request.method == 'POST': # Get action if 'action' in flask.request.values: action = flask.request.values['action'] if not 'set' in action and not 'unset' in action: return flask.jsonify({"message":"ERROR: Action must be one of: set, unset"}), 400 else: return flask.jsonify({"message":"ERROR: An action must be specified."}), 400 # Get option if 'option' in flask.request.values: option = flask.request.values['option'] else: return flask.jsonify({"message":"ERROR: An option must be specified."}), 400 if action == 'set': return api_helper.ceph_osd_set(option) if action == 'unset': return api_helper.ceph_osd_unset(option) @api.route('/api/v1/storage/ceph/osd', methods=['GET', 'POST']) @authenticator def api_ceph_osd_root(): if flask.request.method == 'GET': # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None return api_helper.ceph_osd_list(limit) if flask.request.method == 'POST': # Get OSD node if 'node' in flask.request.values: node = flask.request.values['node'] else: return flask.jsonify({"message":"ERROR: A node must be specified."}), 400 # Get OSD device if 'device' in flask.request.values: device = flask.request.values['device'] else: return flask.jsonify({"message":"ERROR: A block device must be specified."}), 400 # Get OSD weight if 'weight' in flask.request.values: weight = flask.request.values['weight'] else: return flask.jsonify({"message":"ERROR: An OSD weight must be specified."}), 400 return api_helper.ceph_osd_add(node, device, weight) @api.route('/api/v1/storage/ceph/osd/', methods=['GET', 'DELETE']) @authenticator def api_ceph_osd_element(osd): if flask.request.method == 'GET': # Same as specifying /osd?limit=OSD return api_helper.ceph_osd_list(osd) if flask.request.method == 'DELETE': # Verify yes-i-really-mean-it flag if not 'yes_i_really_mean_it' in flask.request.values: return flask.jsonify({"message":"ERROR: This command can have unintended consequences and should not be automated; if you're sure you know what you're doing, resend with the argument 'yes_i_really_mean_it'."}), 400 return api_helper.ceph_osd_remove(osd) @api.route('/api/v1/storage/ceph/osd//state', methods=['GET', 'POST']) @authenticator def api_ceph_osd_state(osd): if flask.request.method == 'GET': return api_helper.ceph_osd_state(osd) if flask.request.method == 'POST': if 'state' in flask.request.values: state = flask.request.values['state'] if not 'in' in state and not 'out' in state: return flask.jsonify({"message":"ERROR: State must be one of: in, out."}), 400 else: return flask.jsonify({"message":"ERROR: A state must be specified."}), 400 if state == 'in': return api_helper.ceph_osd_in(osd) if state == 'out': return api_helper.ceph_osd_out(osd) @api.route('/api/v1/storage/ceph/pool', methods=['GET', 'POST']) @authenticator def api_ceph_pool_root(): if flask.request.method == 'GET': # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None return api_helper.ceph_pool_list(limit) if flask.request.method == 'POST': # Get pool name if 'pool' in flask.request.values: pool = flask.request.values['pool'] else: return flask.jsonify({"message":"ERROR: A pool name must be specified."}), 400 # Get placement groups if 'pgs' in flask.request.values: pgs = flask.request.values['pgs'] else: # We default to a very small number; DOCUMENT THIS pgs = 128 # Get replication configuration if 'replcfg' in flask.request.values: replcfg = flask.request.values['replcfg'] else: # We default to copies=3,mincopies=2 replcfg = 'copies=3,mincopies=2' return api_helper.ceph_pool_add(pool, pgs) @api.route('/api/v1/storage/ceph/pool/', methods=['GET', 'DELETE']) @authenticator def api_ceph_pool_element(pool): if flask.request.method == 'GET': # Same as specifying /pool?limit=POOL return api_helper.ceph_pool_list(pool) if flask.request.method == 'DELETE': # Verify yes-i-really-mean-it flag if not 'yes_i_really_mean_it' in flask.request.values: return flask.jsonify({"message":"ERROR: This command can have unintended consequences and should not be automated; if you're sure you know what you're doing, resend with the argument 'yes_i_really_mean_it'."}), 400 return api_helper.ceph_pool_remove(pool) @api.route('/api/v1/storage/ceph/volume', methods=['GET', 'POST']) @authenticator def api_ceph_volume_root(): if flask.request.method == 'GET': # Get pool limit if 'pool' in flask.request.values: pool = flask.request.values['pool'] else: pool = None # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None return api_helper.ceph_volume_list(pool, limit) if flask.request.method == 'POST': # Get volume name if 'volume' in flask.request.values: volume = flask.request.values['volume'] else: return flask.jsonify({"message":"ERROR: A volume name must be specified."}), 400 # Get volume pool if 'pool' in flask.request.values: pool = flask.request.values['pool'] else: return flask.jsonify({"message":"ERROR: A pool name must be spcified."}), 400 # Get source_volume if 'source_volume' in flask.request.values: source_volume = flask.request.values['source_volume'] else: source_volume = None # Get volume size if 'size' in flask.request.values: size = flask.request.values['size'] elif source_volume: # We ignore size if we're cloning a volume size = None else: return flask.jsonify({"message":"ERROR: A volume size in bytes (or with an M/G/T suffix) must be specified."}), 400 if source_volume: return api_helper.ceph_volume_clone(pool, volume, source_volume) else: return api_helper.ceph_volume_add(pool, volume, size) @api.route('/api/v1/storage/ceph/volume//', methods=['GET', 'PUT', 'DELETE']) @authenticator def api_ceph_volume_element(pool, volume): if flask.request.method == 'GET': # Same as specifying /volume?limit=VOLUME return api_helper.ceph_volume_list(pool, volume) if flask.request.method == 'PUT': if 'size' in flask.request.values: size = flask.request.values['size'] if 'name' in flask.request.values: name = flask.request.values['name'] if size and not name: return api_helper.ceph_volume_resize(pool, volume, size) if name and not size: return api_helper.ceph_volume_rename(pool, volume, name) return flask.jsonify({"message":"ERROR: No name or size specified, or both specified; not changing anything."}), 400 if flask.request.method == 'DELETE': return api_helper.ceph_volume_remove(pool, volume) @api.route('/api/v1/storage/ceph/volume/snapshot', methods=['GET', 'POST']) @authenticator def api_ceph_volume_snapshot_root(): if flask.request.method == 'GET': # Get pool limit if 'pool' in flask.request.values: pool = flask.request.values['pool'] else: pool = None # Get volume limit if 'volume' in flask.request.values: volume = flask.request.values['volume'] else: volume = None # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None return api_helper.ceph_volume_snapshot_list(pool, volume, limit) if flask.request.method == 'POST': # Get snapshot name if 'snapshot' in flask.request.values: snapshot = flask.request.values['snapshot'] else: return flask.jsonify({"message":"ERROR: A snapshot name must be specified."}), 400 # Get volume name if 'volume' in flask.request.values: volume = flask.request.values['volume'] else: return flask.jsonify({"message":"ERROR: A volume name must be specified."}), 400 # Get volume pool if 'pool' in flask.request.values: pool = flask.request.values['pool'] else: return flask.jsonify({"message":"ERROR: A pool name must be spcified."}), 400 return api_helper.ceph_volume_snapshot_add(pool, volume, snapshot) @api.route('/api/v1/storage/ceph/volume/snapshot///', methods=['GET', 'PUT', 'DELETE']) @authenticator def api_ceph_volume_snapshot_element(pool, volume, snapshot): if flask.request.method == 'GET': # Same as specifying /snapshot?limit=VOLUME return api_helper.ceph_volume_snapshot_list(pool, volume, snapshot) if flask.request.method == 'PUT': if 'name' in flask.request.values: name = flask.request.values['name'] else: return flask.jsonify({"message":"ERROR: A new name must be specified."}), 400 return api_helper.ceph_volume_snapshot_rename(pool, volume, snapshot, name) if flask.request.method == 'DELETE': return api_helper.ceph_volume_snapshot_remove(pool, volume, snapshot) ########################################################## # Provisioner API ########################################################## # # Template endpoints # @api.route('/api/v1/provisioner/template', methods=['GET']) @authenticator def api_template_root(): """ /template - Manage provisioning templates for VM creation. GET: List all templates in the provisioning system. ?limit: Specify a limit to queries. Fuzzy by default; use ^ and $ to force exact matches. """ # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None return flask.jsonify(api_provisioner.template_list(limit)), 200 @api.route('/api/v1/provisioner/template/system', methods=['GET', 'POST']) @authenticator def api_template_system_root(): """ /template/system - Manage system provisioning templates for VM creation. GET: List all system templates in the provisioning system. ?limit: Specify a limit to queries. Fuzzy by default; use ^ and $ to force exact matches. * type: text * optional: true * requires: N/A POST: Add new system template. ?name: The name of the template. * type: text * optional: false * requires: N/A ?vcpus: The number of VCPUs. * type: integer * optional: false * requires: N/A ?vram: The amount of RAM in MB. * type: integer, Megabytes (MB) * optional: false * requires: N/A ?serial: Enable serial console. * type: boolean * optional: false * requires: N/A ?vnc: True/False, enable VNC console. * type: boolean * optional: false * requires: N/A ?vnc_bind: Address to bind VNC to. * default: '127.0.0.1' * type: IP Address (or '0.0.0.0' wildcard) * optional: true * requires: vnc=True ?node_limit: CSV list of node(s) to limit VM operation to * type: CSV of valid PVC nodes * optional: true * requires: N/A ?node_selector: Selector to use for node migrations after initial provisioning * type: Valid PVC node selector * optional: true * requires: N/A ?start_with_node: Whether to start limited node with the parent node * default: false * type: boolean * optional: true * requires: N/A """ if flask.request.method == 'GET': # Get name limit if 'limit' in flask.request.values: limit = flask.request.values['limit'] else: limit = None return flask.jsonify(api_provisioner.list_template_system(limit)), 200 if flask.request.method == 'POST': # Get name data if 'name' in flask.request.values: name = flask.request.values['name'] else: return flask.jsonify({"message": "A name must be specified."}), 400 # Get vcpus data if 'vcpus' in flask.request.values: try: vcpu_count = int(flask.request.values['vcpus']) except: return flask.jsonify({"message": "A vcpus value must be an integer."}), 400 else: return flask.jsonify({"message": "A vcpus value must be specified."}), 400 # Get vram data if 'vram' in flask.request.values: try: vram_mb = int(flask.request.values['vram']) except: return flask.jsonify({"message": "A vram integer value in Megabytes must be specified."}), 400 else: return flask.jsonify({"message": "A vram integer value in Megabytes must be specified."}), 400 # Get serial configuration if 'serial' in flask.request.values and bool(distutils.util.strtobool(flask.request.values['serial'])): serial = True else: serial = False # Get VNC configuration if 'vnc' in flask.request.values and bool(distutils.util.strtobool(flask.request.values['vnc'])): vnc = True if 'vnc_bind' in flask.request.values: vnc_bind = flask.request.values['vnc_bind_address'] else: vnc_bind = None else: vnc = False vnc_bind = None # Get metadata if 'node_limit' in flask.request.values: node_limit = flask.request.values['node_limit'] else: node_limit = None if 'node_selector' in flask.request.values: node_selector = flask.request.values['node_selector'] else: node_selector = None if 'start_with_node' in flask.request.values and bool(distutils.util.strtobool(flask.request.values['start_with_node'])): start_with_node = True else: start_with_node = False return api_provisioner.create_template_system(name, vcpu_count, vram_mb, serial, vnc, vnc_bind, node_limit, node_selector, start_with_node) @api.route('/api/v1/provisioner/template/system/