之前一直使用openstack4j来操作openstack,发现有一些api不支持,比如手动绑定路由的外部接口IP等。下面介绍java调用原生api来实现想要的功能。
官网API地址:https://docs.openstack.org/train/api/
选择我使用的R版本,首先看认证部分组件keystone的API
查看认证部分api发现,认证的之后会在response header中生成token,之后所有的restapi都需要在头中增加token。
查看所有API调用地址,在openstack中的dashboard中查看
整体API调用实现思路如下:
通过feign调用认证API获取token,在feign调用API并在头中增加token信息(当然使用httpclient实现方式更加简单,但为了风格统一以下使用的都是feign的调用方式)
1、feign为了能获取响应头的内容,需要对响应进行处理,这里使用ecoder与decoder的方式对请求进行正反编辑,由于只为了获取响应内容,创建feign的配置文件OpenstackFeignAuthConfig实现decoder,因为只需要给认证接口使用,不要加@Configuration注解,只需要在认证的接口中指定该配置文件即可。
具体代码如下:
public class OpenstackFeignAuthConfig implements Decoder {
@Override
public Object decode(Response response, Type type) throws IOException, DecodeException, FeignException {
Map<String, Collection<String>> headers = response.headers();
Collection<String> tokens = headers.get("X-Subject-Token");//获取头中的token
Iterator<String> iterator = tokens.iterator();
String token = "";
while (iterator.hasNext()) {
token = iterator.next();
break;
}
return token;
}
}
2、创建feign认证服务,在yml中配置认证接口地址:openstack4jUrl=http://controller:5000
/**
* @description:
* @Author: huangsanß
* @Date: 2020/4/7 7:12 下午
*/
@FeignClient(name = "openstackAuth", url = "${openstack4crmp.openstack4jUrl}", configuration = OpenstackFeignAuthConfig.class, fallback = OpenstackAuthServiceFallBack.class)
public interface OpenstackAuthService {
@PostMapping("/v3/auth/tokens")
String doAuthentication(@RequestBody Object json);
}
注意:在这里指定配置文件OpenstackFeignAuthConfig.class
3、编写测试接口,测得获取token:
4、token拿到后,使用network组件的接口来测试。需求:给指定路由绑定指定的外部接口IP
由于需要在头部中封装token信息,使用@RequestMapping中的header属性可以实现,但是如果接口很多的话就很麻烦,这里使用配置文件的方式完成。配置文件实现RequestInterceptor,对request进行封装。
/**
* @description:
* @Author: huangsan
* @Date: 2020/4/7 5:16 下午
*/
public class FeignRequestCrudInterceptor implements RequestInterceptor {
@Autowired
private OpenstackAuthService openstackAuthService;
@Override
public void apply(RequestTemplate requestTemplate) {
String token = System.getProperty(Openstack4jUtils.OPENSTACK_AUTH_TOKEN);
if (StringUtils.isBlank(token)) {
token = openstackAuthService.doAuthentication(Openstack4jUtils.getAuthenticationParam());
System.setProperty(Openstack4jUtils.OPENSTACK_AUTH_TOKEN, token);
}
System.out.println("接口传递token:" + token);
requestTemplate.header("X-Auth-Token", token);
}
}
注意:通过接口获取到的token存放在system中,由于token的时效问题,可以增加一个定时器来隔一小时获取新的token。如果system中没有当前token,调用认证服务获取token。
/**
* @description: 定时更新认证信息到System中
* @Author: huangsan
* @Date: 2020/4/8 10:51 上午
*/
@Service
public class OpenstackAuthJob {
@Autowired
private OpenstackAuthService openstackAuthService;
@Scheduled(cron = "0 0/59 * * * ?")
public void setTokenToSystemProperties() {
String token = openstackAuthService.doAuthentication(Openstack4jUtils.getAuthenticationParam());
System.out.println("获取到最新的token:" + token);
System.setProperty(Openstack4jUtils.OPENSTACK_AUTH_TOKEN, token);
}
}
5、创建network组件的接口,其中openstackNetworkUrl为dashboard所示http://controller:9696
查看API为
6、接口定义如下:在configuraton中指定FeignRequestCrudInterceptor.class
/**
* @description:
* @Author: huangsan
* @Date: 2020/4/7 7:25 下午
*/
@FeignClient(name = "openstackNetwork", url = "${openstack4crmp.openstackNetworkUrl}", configuration = FeignRequestCrudInterceptor.class, fallback = OpenstackNetworkServiceFallBack.class)
public interface OpenstackNetworkService {
@GetMapping(value = "/v2.0/routers")
Object listRoutes();
@PutMapping(value = "/v2.0/routers/{routeId}")
Object routesAddFixIP(@RequestParam("routeId")String routeId, @RequestBody Object json);
}
7、随便创建测试代码,测试结果
@RequestMapping("test3")
public Object test3() {
String param="{\n" +
" \"router\": {\n" +
" \"distributed\": false,\n" +
" \"external_gateway_info\": {\n" +
" \"network_id\": \"fcf8a492-1fe4-421e-ad8e-7907a0be1ddc\",\n" +
" \"enable_snat\": true,\n" +
" \"external_fixed_ips\": [\n" +
" {\n" +
" \"ip_address\": \"10.1.3.26\",\n" +
" \"subnet_id\": \"172b5d1c-526a-4131-ab87-d05c44c28714\"\n" +
" }\n" +
" ]\n" +
" }\n" +
" }\n" +
"}";
return openstackNetworkService.routesAddFixIP("321b645a-a613-4d4a-8f0c-083d6e8d702a", param);
}
测试结果创建成功。
最后说明:其他接口暂时还用openstack4j来实现,毕竟太多了,openstack其他的的rest api调用方式基本都大同小异,可以封装一些BO来实现,这里小记一下自己的实现思路。希望得到大家的建议,一起成长。
最后补上utils:
@Component
public class Openstack4jUtils {
public static String OPENSTACK_AUTH_TOKEN = "openstack_auth_token";
public static String OPENSTACK4J_URL;
public static String OPENVNC_URL;
public static String OPEN_FLAVORID;
public static String OPEN_NAME;
public static String OPEN_DOMAIN;
public static String OPEN_PASSWORD;
@Value("${openstack4crmp.openstack4jUrl}")
public void setOpenstack4jUrl(String openstack4jUrl) {
OPENSTACK4J_URL = openstack4jUrl;
}
@Value("${openstack4crmp.openvncUrl}")
public void setOpenvncUrl(String openvncUrl) {
OPENVNC_URL = openvncUrl;
}
@Value("${openstack4crmp.openFlavorid}")
public void setOpenFlavorid(String openFlavorid) {
OPEN_FLAVORID = openFlavorid;
}
@Value("${openstack4crmp.openName}")
public void setOpenName(String openName) {
OPEN_NAME = openName;
}
@Value("${openstack4crmp.openDomain}")
public void setOpenDomain(String openDomain) {
OPEN_DOMAIN = openDomain;
}
@Value("${openstack4crmp.openPassword}")
public void setOpenPassword(String openPassword) {
OPEN_PASSWORD = openPassword;
}
//认证
public static OSClient.OSClientV3 doAuthentication() {
Identifier domainIdentifier = Identifier.byName("Default");
OSClient.OSClientV3 os3 = OSFactory.builderV3()
.endpoint(OPENSTACK4J_URL + "/v3")
.credentials("admin", "xxxx", domainIdentifier)
.authenticate();
return os3;
}
public static Object getAuthenticationParam() {
String param = "{\n" +
" \"auth\": {\n" +
" \"identity\": {\n" +
" \"methods\": [\n" +
" \"password\"\n" +
" ],\n" +
" \"password\": {\n" +
" \"user\": {\n" +
" \"name\": \"" + OPEN_NAME + "\",\n" +
" \"domain\": {\n" +
" \"name\": \"" + OPEN_DOMAIN + "\"\n" +
" },\n" +
" \"password\": \"" + OPEN_PASSWORD + "\"\n" +
" }\n" +
" }\n" +
" }\n" +
" }\n" +
"}";
return JSONObject.parse(param);
}
}