Versions Compared

Old Version 14

changes.mady.by.user Kenton McHenry

Saved on

compared with

New Version Current

changes.mady.by.user Craig Willis

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The NDSLabs API is a RESTful interface to the NDSLabs system. The API is implemented via the NDSLabs API Server.

Key Concepts

  • Project:  A named configuration that relates an administrative user , likely represented by a client certificate, to a set of resource allocations (quotas), and resources (namespace, pods/services, volumes, configurations).
  • StackApplication (aka stack)A set of services that are administratively related (i.e., started and stopped together). For example, "clowder" or "dataverse"
  • Service definitionspecificationA specification of a logical "service" that includes a name, description, storage requirements, configuration options, and relationships to other services. An NDSLabs "service" may be composed of multiple related containers.
  • Service library: A collection of service definitions and procedures for adding official/trusted as well as local/development services.
  • Service Application instance: An instance of a service configured and running in a project namespace.
  • Resource quota: A set of soft and hard limits assigned to a project (storage and compute).
  • Volume mount: A named, allocated storage resource that counts against the project quota and can be mounted by one or more services.

...

Using the CLI for simplicity: a project administrator wants to add a set of services to their project configuration:

CommandWhat it doesResponse
list servicesLists the services in the service library that can be added to this project.

clowder

image-preview

list resources

Lists the storage resources available to this projectstorage quota: 1TB
get service clowderGets the service specification<spec>
add service clowderAdds the specified service to the projectOK
get config clowderGets the configuration options available for the service
<config>
set
config clowder
env smtp-host smtp.ncsa.illinois.eduSets a configuration option for the named services
OKcreate volume clowder-vol 10GBCreates and formats a volume named "clowder-vol"OKattach clowder-vol clowderMakes the volume available to the service
OK
start clowderStarts the service<status>
status clowderReturns the service status<status>
endpoint clowder
Returns the service endpoint<endpoint>
add service image-previewAdds the specified service to the project
OKlink image-preview clowderLinks the specified services (in this case, by adding required rabbitmq)
OK
start image-previewStarts the image preview service and updates the clowder service?<status>
stop servicesStops everything<status>
delete volume clowder-volRemoves the specified volumeOKdelete clowder image-previewRemoves the services from the projectOK

Entities

The following is a simple entity-relationship diagram intended to capture the entities, attributes, and relationships for the NDSLabs API.

Gliffy Diagram
namendslabs-api-server-erdversion3

...

REST API

For actor definitions, see NDS Labs Use Cases.

 

Base path: /api/{version}/

PathActionProject AdminCluster AdminNotes
/List available pathsGETGET 
/authenticate PUTPUTreturns token
/servicesList, add site-wide and project-specific servicesGET, PUTPUT 
/services/{service-id}Get, update, delete site-wide servicesGETPUT, DELETE 
/services/templates/{service-id}/{service|controller}Put, get, delete service templatesGETPUT, DELETE 
/projectsList, add projects GET, PUT 
/projects/{project-id}Get, update, delete projectGET, PUTDELETE 
/projects/{project-id}/serviceInstancesList, add project servicesGET, PUT  
/projects/{project-id}/serviceInstances/{instance-id}Get, update, delete project serviceGET, PUT, DELETE  
/projects/{project-id}/serviceInstances/{instance-id}/statusGet, update, delete project services statusGET, PUT, DELETE start, stop, restart
/projects/{project-id}/serviceInstance/{instance-id}/configGet, update, delete service configurationsGET, PUT, DELETE  
/projects/{project-id}/volumesList, add project volumesGET, PUT  
/projects/{project-id}/volumes/{volume-id}Get, update, delete project volumesGET, PUT, DELETE  
/projects/{project-id}/{stack-id}Get, update, delete service stackGET, PUT, DELETE  
/projects/{project-id}/{stack-id}/actions/{action}Start/Stop a stackGET,PUT  
/projects/{project-id}/{stack-id}/services/{service-id}Get, update, delete services in a stackGET, PUT, DELETE  
/versionGet server versionGETGET 
/refresh_tokenGet a new tokenGETGET 
/registerPost a new project POST 

 

/consoleGet a Websocket connection to a consoleGET  

 

 

The latest version of the API specification is available in Github:A first draft of the spec is available via git on the NDS-108 branch

https://github.com/nds-org/nds-labsndslabs/blob/NDS-108/apiserver/apimaster/apis/swagger-spec/ndslabs.yaml

This can be opened using the Swagger editor demo http://editor.swagger.io/, if desired.

Authentication

...

The API Server currently uses the JSON Web-Token

...

(JWT) approach. The basic flow is as follows:

  • POST to /authenticate 
    • {"username": "demo", "password": "12345"}
  • response

    • {"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0NTY4NzE3ODgsImlkIjoiZGVtbyIsIm9yaWdfaWF0IjoxNDU2ODY5OTg4fQ.pJ2CQyqXDV675KrAtz3qVzwbM7k-tnZ28Pc0o81GtGU"}

  • For all subsequent requests, include the following header:

    • Authorization: Bearer TOKEN

  • To refresh the token, simply GET /refresh_token, this will retrieve an updated token

  • The interceptor model described here https://thinkster.io/angularjs-jwt-auth also looks like a handy way to keep things alive without persisting stuff on the client.

  • Password will be validated against the server-side "project" structure

Volumes

  • If development environment, creating a volume is just a mkdir on some local path
  • If production environment, creating a volume requires a call to the Openstack API (Create, Attach) then a local call to mkfs, then a call to the Openstack API (Detach)

...