OpenStack Skyline APIServer
项目描述
英文 | 简体中文
Skyline是一个经过UI和UE优化的OpenStack仪表板,支持OpenStack Train+。它具有现代技术堆栈和生态系统,用户更容易维护和操作,并具有更高的并发性能。
Skyline的吉祥物是九色鹿。九色鹿源于敦煌壁画“九色王鹿”,其道德观是佛教的因果报应和感恩,这与99cloud自创立以来拥抱和回馈社区的哲学一致。我们也希望Skyline像九色鹿一样保持轻巧、优雅和强大,为openstack社区和用户提供更好的仪表板。
目录
资源
快速入门
先决条件
配置
编辑Linux服务器上的/etc/skyline/skyline.yaml文件
您可以参考示例文件,并根据实际环境修改以下参数
database_url
keystone_url
default_region
interface_type
system_project_domain
system_project
system_user_domain
system_user_name
system_user_password
使用SQLite进行部署
运行skyline_bootstrap容器以进行初始化
rm -rf /tmp/skyline && mkdir /tmp/skyline && mkdir /var/log/skyline docker run -d --name skyline_bootstrap -e KOLLA_BOOTSTRAP="" -v /var/log/skyline:/var/log/skyline -v /etc/skyline/skyline.yaml:/etc/skyline/skyline.yaml -v /tmp/skyline:/tmp --net=host 99cloud/skyline:latest # Check bootstrap is normal `exit 0` docker logs skyline_bootstrap初始化完成后运行skyline服务
docker rm -f skyline_bootstrap如果您需要修改skyline端口,请在以下命令中添加-e LISTEN_ADDRESS=<ip:port>
LISTEN_ADDRESS默认为0.0.0.0:9999
如果您需要修改服务的策略规则,请在以下命令中添加-v /etc/skyline/policy:/etc/skyline/policy
将服务策略yaml文件重命名为<service_name>_policy.yaml,并将其放置在/etc/skyline/policy文件夹中
docker run -d --name skyline --restart=always -v /var/log/skyline:/var/log/skyline -v /etc/skyline/skyline.yaml:/etc/skyline/skyline.yaml -v /tmp/skyline:/tmp --net=host 99cloud/skyline:latest
使用MariaDB进行部署
https://docs.openstack.org/skyline-apiserver/latest/install/docker-install-ubuntu.html
API文档
您可以通过访问API文档 https://<ip_address>:9999/api/openstack/skyline/docs
测试访问
您现在可以访问仪表板: https://<ip_address>:9999
开发Skyline-apiserver
支持Linux和Mac OS(推荐使用Linux OS)(因为uvloop和cython)
依赖工具
使用python37和uvloop(0.15.0+需要python37)的新功能上下文变量。考虑到大多数系统不支持python37,我们选择至少支持python38。
make >= 3.82
python >= 3.8
node >= 10.22.0(如果您仅使用apiserver进行开发则为可选)
yarn >= 1.22.4(如果您仅使用apiserver进行开发则为可选)
安装 & 运行
安装依赖包
tox -e venv设置skyline.yaml配置文件
cp etc/skyline.yaml.sample etc/skyline.yaml export OS_CONFIG_DIR=$(pwd)/etc您可能需要根据以下您的实际环境更改参数
- database_url - keystone_url - default_region - interface_type - system_project_domain - system_project - system_user_domain - system_user_name - system_user_password如果您将sqlite:////tmp/skyline.db设置为database_url,则按以下方式操作。如果您将mysql://root:root@localhost:3306/skyline设置为database_url,则首先应参考第1章和第2节的部署MariaDB步骤。
初始化skyline数据库
source .tox/venv/bin/activate make db_sync deactivate运行skyline-apiserver
$ source .tox/venv/bin/activate $ uvicorn --reload --reload-dir skyline_apiserver --port 28000 --log-level debug skyline_apiserver.main:app INFO: Uvicorn running on http://127.0.0.1:28000 (Press CTRL+C to quit) INFO: Started reloader process [154033] using statreload INFO: Started server process [154037] INFO: Waiting for application startup. INFO: Application startup complete.您现在可以访问在线API文档: http://127.0.0.1:28000/docs。
或者,您可以使用vscode的.vscode/launch.json启动调试器。
构建镜像
make build
Devstack集成
Kolla Ansible部署
常见问题解答
策略
- Q:为什么普通用户可以登录,但不能列出nova服务器?
Symptom: ----------------------------------- 1. Login Horizon with common user A, list servers OK. 2. Login Skyline with same common user A, could list the nova servers, F12 show no http requests sent from network, however webpage show 401, do not allow to list servers Root Cause Analysis: ----------------------------------- 1. Horizon don't know whether a user could do an action at a resource or not. It simply pass request to recording service, & service (Nova) do the check by its policy file. So it works. 2. Skyline check the action by itself, with /policy API. If you do not configure it, the default value follows community, like: https://docs.openstack.org/nova/2023.2/configuration/sample-policy.html How to fix: ----------------------------------- 1. By default, list servers need "project_reader_api": "role:reader and project_id:%(project_id)s" 2. You should config your customized role, for example: member, _member_, projectAdmin, etc, create implied reader role. "openstack implied role create --implied-role member projectAdmin", or "openstack implied role create --implied-role reader _member_" # openstack implied role list +----------------------------------+-----------------+----------------------------------+-------------------+ | Prior Role ID | Prior Role Name | Implied Role ID | Implied Role Name | +----------------------------------+-----------------+----------------------------------+-------------------+ | fe21c5a0d17149c2a7b02bf39154d110 | admin | 4376fc38ba6a44e794671af0a9c60ef5 | member | | 4376fc38ba6a44e794671af0a9c60ef5 | member | e081e01b7a4345bc85f8d3210b95362d | reader | | bee8fa36149e434ebb69b61d12113031 | projectAdmin | 4376fc38ba6a44e794671af0a9c60ef5 | member | | 77cec9fc7e764bd4bf60581869c048de | _member_ | e081e01b7a4345bc85f8d3210b95362d | reader | +----------------------------------+-----------------+----------------------------------+-------------------+
下载文件
下载适合您平台文件。如果您不确定选择哪个,请了解有关安装包的更多信息。
源代码分发
构建分发
skyline-apiserver-5.0.0.tar.gz的散列值
| 算法 | 散列摘要 | |
|---|---|---|
| SHA256 | c686bd8aa9370561256b2524c9a0342c74824b76674724b32a0cd26d696eda2b |
|
| MD5 | 07daa3b569bc78be67d8fe5bc3a899c9 |
|
| BLAKE2b-256 | f4dc3516867d7d108aedac2625626536a30aa0d0eba0f32df8b5cb491a3165ee |
skyline_apiserver-5.0.0-py3-none-any.whl的散列值
| 算法 | 散列摘要 | |
|---|---|---|
| SHA256 | 8d0ccffae686a436a3b052b61e8bfa2082d1ccc500f5290ad04329feb091c552 |
|
| MD5 | c8eb57cf2bbc64d716b1a311edaf80f2 |
|
| BLAKE2b-256 | 05c56e5ba4dc83faf4351179cd00064e36af4aec65a04e57a02458da1933a4e8 |