falcon78921 commented on issue #3137: Integrating Ceph Status into CloudStack Dashboard URL: https://github.com/apache/cloudstack/issues/3137#issuecomment-455265345 @kiwiflyer The API is pretty easy to work with. All you need to do is enable the RESTful plugin on the ``ceph-mgr``. ``ceph mgr module enable restful`` All API requests are sent over SSL (mandatory). You can generate a self-signed certificate or use your own. In my case, I just generated a self-signed cert with the following command: ``ceph restful create-self-signed-cert`` Then, to generate an API user, run the following: ``ceph restful create-key <username>`` The username, in my case, is ``tester``. This generates an UUID, which acts as the secret. Then, all you need to do is send the request with HTTP Basic Auth. ``curl -k https://tester:5722f20a-6a3c-48f0-b81b-03cadfc21e8b@192.168.5.10:8003/server -v`` To see all users with API access, use this command: ``ceph restful list-keys`` This outputs the info in JSON: ~~~ { "tester": "5722f20a-6a3c-48f0-b81b-03cadfc21e8b" } ~~~ Here's an example of fetching server info, via API: ~~~ curl -k https://tester:5722f20a-6a3c-48f0-b81b-03cadfc21e8b@192.168.5.10:8003/server -v CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server key exchange (12): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using ECDHE-RSA-AES256-GCM-SHA384 * Server certificate: * subject: O=IT; CN=ceph-restful * start date: 2019-01-17 13:05:33 GMT * expire date: 2029-01-14 13:05:33 GMT * issuer: O=IT; CN=ceph-restful * SSL certificate verify result: self signed certificate (18), continuing anyway. * Server auth using Basic with user 'tester' > GET /server HTTP/1.1 > Authorization: Basic SECRETHERE > User-Agent: curl/7.35.0 > Host: 192.168.5.10:8003 > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 200 OK < Content-Length: 1964 < Content-Type: application/json; charset=UTF-8 < Server: Werkzeug/0.10.4 Python/2.7.12 < Date: Thu, 17 Jan 2019 14:16:36 GMT < [ { "ceph_version": "ceph version 12.2.10 (177915764b752804194937482a39e95e0ca3de94) luminous (stable)", "hostname": "DEVNODE-1", "services": [ { "id": "DEVNODE-1", "type": "mon" } ] }, { "ceph_version": "ceph version 12.2.10 (177915764b752804194937482a39e95e0ca3de94) luminous (stable)", "hostname": "DEVNODE-2", "services": [ { "id": "DEVNODE-2", "type": "mon" }, { "id": "1", "type": "osd" }, { "id": "DEVNODE-2", "type": "rgw" } ] }, { "ceph_version": "ceph version 12.2.10 (177915764b752804194937482a39e95e0ca3de94) luminous (stable)", "hostname": "DEVNODE-3", "services": [ { "id": "DEVNODE-3", "type": "mon" }, { "id": "2", "type": "osd" } ] }, { "ceph_version": "ceph version 12.2.10 (177915764b752804194937482a39e95e0ca3de94) luminous (stable)", "hostname": "DEVNODE-4", "services": [ { "id": "3", "type": "osd" } ] }, { "ceph_version": "ceph version 12.2.10 (177915764b752804194937482a39e95e0ca3de94) luminous (stable)", "hostname": "DEVNODE-5", "services": [ { "id": "5", "type": "osd" } ] }, { "ceph_version": "ceph version 12.2.10 (177915764b752804194937482a39e95e0ca3de94) luminous (stable)", "hostname": "DEVNODE-6", "services": [ { "id": "4", "type": "osd" } ] } ~~~ It's strange, because you have the RESTful API in the ``ceph-mgr``, but you also have the ceph-rest-api, as described here: https://ceph.com/geen-categorie/experimenting-with-the-ceph-rest-api/ Both are built into Ceph. I can't vouch for Mimic, but they're both in Luminous. The ``ceph-mgr`` RESTful plugin seems to be better for security because the requests are sent over HTTPS. Maybe the ceph-rest-api has SSL options? I didn't look much into it.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
