Openstack SDK attach cloud network

I don't think the current OpenStack SDK supports the nova api extension for virtual interfaces.

I'm not a nova guy.

I don't understand the difference between the OpenStack compute v2 os-interfaces API - and the Openstack compute os-virtual-interfacesv2 extension API.

But rackspace seems to have had to write an extension for the novaclient CLI to make it able to attach a new virtual interfaces for a cloud network to a running instance.

I was thinking I might have to write a new resource to support the api extension (probably just crib from the existing ServerInterface) - but it turned out there's already support in OpenStackSDK to boot instances with extra networks.

Here's what I'm using:

#!/usr/bin/env python
import os
import requests
import sys


# default instance and network attributes
IMAGE = '09de0a66-3156-48b4-90a5-1cf25a905207'
FLAVOR = 'general1-4'
REGION = 'DFW'
NETWORK = 'my-test'
CIDR = '192.168.5.0/24'

auth_url = os.environ.get(
    'OS_AUTHURL', 'https://identity.api.rackspacecloud.com/v2.0/')
# username and *password* must be set in the envrion
username = os.environ['OS_USERNAME']
password = os.environ['OS_PASSWORD']


# something about the rackspace cert makes requests mad
requests.packages.urllib3.disable_warnings()

from openstack import connection
from openstack.compute.v2._proxy import _server


# the openstacksdk doesn't support admin_pass
# https://bugs.launchpad.net/python-openstacksdk/+bug/1528949
class PatchedServerResource(_server.Server):

    def create_by_id(self, *args, **kwargs):
        resp = super(PatchedServerResource, self).create_by_id(*args, **kwargs)
        self._attrs['adminPass'] = resp.get('adminPass')
        return resp

_server.Server = PatchedServerResource

conn = connection.Connection(auth_url=auth_url,
                             username=username,
                             password=password)

conn.profile.set_region(conn.profile.ALL, REGION)


def _get_or_create_network(name):
    # this doesn't seem to work
    # network = conn.network.find_network(name)
    # https://feedback.rackspace.com/forums/298158-network/suggestions/11188446-500-error-response-in-cloud-network-api

    # so we just search by hand
    for n in conn.network.networks():
        if n.name == name:
            return n
    network = conn.network.create_network(name=name)
    conn.network.create_subnet(
        network_id=network.id, ip_version='4', cidr=CIDR)
    return network


def main():
    try:
        server_name = sys.argv[1]
    except IndexError:
        return 'USAGE: %s <server-name>' % sys.argv[0]

    image = conn.compute.find_image(IMAGE)
    flavor = conn.compute.find_flavor(FLAVOR)
    network = _get_or_create_network(NETWORK)
    network_ids = (
        network.id,
        # must explicitly include Public & Service networks
        '11111111-1111-1111-1111-111111111111',
        '00000000-0000-0000-0000-000000000000',
    )
    server = conn.compute.create_server(
        name=server_name, image=image, flavor=flavor,
        networks=[{'uuid': id_} for id_ in network_ids]
    )
    print 'pass', server['adminPass']
    server = conn.compute.wait_for_server(server)
    print 'ip', server.access_ipv4


if __name__ == "__main__":
    sys.exit(main())

So... that's not terrible.  You can see there's a few hacks in there - some defaults are globals for simplicity instead of bothering with argparse - credentials from environ for the same reason - I made the conn instance a global because it's easier to get ahold of in a repl just by importing - there's that weird cert error - some ugly monkey patching to get at admin_pass - another function for finding a network by name to work around something I hit in the Rackspace neutron API.

Having to add the awkward default static uuid's for the Public and Service networks sorta threw me on my first go 'round.

But all in all this works for creating new servers with a private cloud network on the Rackspace cloud.  Hooray!

Openstack SDK with Rackspace

I used to use rackspace-novaclient, but that fell apart on me.

If you search for the official python SDK for Rackspace Cloud - you're likely to find pyrax.

But I guess by summer '15 they were full on the Openstack-SDK ride!

Openstack-SDK seems like a decent attempt to organize things.  Docs are decent.  But my first attempt to do something 401'd

In [68]: conn.authorize()
---------------------------------------------------------------------------
HttpException                             Traceback (most recent call last)
 in ()
----> 1 conn.authorize()

/private/tmp/test-os-sdk/lib/python2.7/site-packages/openstack/connection.pyc in authorize(self)
    264             raise exceptions.HttpException("Unknown exception",
    265                                            six.text_type(ex),
--> 266                                            status_code=500)
    267 
    268         return headers.get('X-Auth-Token') if headers else None

HttpException: HttpException: Unknown exception, Unauthorized (HTTP 401)

Turns out, the openstack.connection.Connection class doesn't work quite like novaclient, a few params are different.  Instead of using your API Key - you need to use your password:

from openstack import connection

conn = connection.Connection(
    auth_url='https://identity.api.rackspacecloud.com/v2.0/',
    username='username',
    password='password')  # <- NOT API KEY!!!

After that the only tricky part was setting the region:

conn.profile.set_region(conn.profile.ALL, 'IAD')

Eulogy for Thomas Clay Gerrard

Thank you for joining us today to celebrate and honor the memory of my Father.

Thomas Clay Gerrard

Uncle Tom

Dad

or more recently Paw Paw

although a lot of us probably called him mostly, just “Yes, Sir”

I’d imagine many of you can share an experience where my Dad held a fatherly like role in your life - protective, supportive.  But in case any of you ever tried to imagine what it might have been like to have Tom as your actual father - well, I’d like to set the record straight.

It was amazing.

Yeah, better than you could imagine.

I was so blessed to grow up in home centered and supported by a good man of strong character, a countryman, a good husband and a great father.  He was a great example, and he is my ideal role model.

Dad was a man of integrity, honesty and authenticity.  He never acted for the benefit of others perception - his actions were guided by his own principles - he would tell you he “could not care less what those people thought” - but he was not disrespectful of others.  He spoke with sincerity and frankness - without pretense - although he might temper an obvious truth with wit and sarcasm.  “And how did that work out for you?”  

He taught me how to show grace and strength in the face of adversity - how to respectfully disagree…

But I also learned, that if you have passion about something (and Dad had passion for everything he did — “If it’s worth doing; it’s worth doing right”) … I learned that if you have passion for something - it’s ok to show that - it’s ok to get mad when someone messes up - people will respect you more if they know where you stand.  Everyone knew that Dad had high expectations, for himself and for those with him.  You can either suck it up and do your best - or you can get out of the way - there’s no place to half-ass it with Tom.  But he’d never hold a grudge.  He was willing to get mad, but he was far quicker to forgive, and if you told him up front that you had made a mistake, he respected that a great deal, and there was barely another word about it.  He was very fair.

We’ve all been gushing this week about what an amazing man my father was, and on occasion someone would try to help find some perspective by remembering “Yeah but he was strict too” - and that’s true.  I have often described my father as setting very high expectations.  He absolutely expected that the rules were obeyed.  But he was always was up front about the ground rules, and there were always well defined consequences.
So honestly, even as a younger man, I didn’t recall him as strict.  As I recall, as a boy, he had taught me discipline.  And so after that, when I was learning to be a young man and he told me “you KNOW better” - he was right.

My father vigorously supported and loved his country.  His grit and natural talent served our country well - throughout two terms during the Vietnam War with a Naval Construction Battalion - the Fighting SeaBees.   He remained, throughout his life willing and ready to defend this country.  He carried his sense of duty, loyalty and self sacrifice forward onto his family.  I believe he felt personally responsible to ensure our freedom and safety.  And I always knew we were in good strong hands.

My father was wise.  He had the experience, he had the knowledge, and he had good judgment - which made him an exceptional teacher.

I recall a passing moment, as a grown man, at my Aunt Linda’s house.  Dad had heard Aunt Linda mention that she and Fellow had collected the remains of a number of wooden decks - and that they wanted to assemble them together into a deck of sorts around the back of their house.  Dad immediately set to organizing the affair.  We had a lot of help.  Some folks I didn’t even know.  There was a young man, he must have been someone’s boyfriend or a neighbor, Dad had set him to running his screw gun.  A few screws in Dad stopped him - and I overheard “Hey.  Slow down.  Anyone can screw some boards down - it’s not a race.  You need to line up each screw, space them evenly, and run them down straight and even.  That’s craftsmanship.  That’s what it means.  When someone steps onto this deck - they’ll know that the person who built it - did it with care - and that they did a good job”  It felt like an out of body experience, watching that young boy receive that wisdom that my father had given me years ago - and he nodded and he understood.  He did a good job.

My dad taught me so much.  I still had so much to learn.  I know that in time the shock I’m feeling now will give way to grief, and in time after that I’ll learn to carry that sorrow with dignity.  But I don’t think I’ll ever be able to deny the big hole in my life, where I knew I could always turn to him for answers, and support.

So uncle Bill, next time when I’m asking you something about my water heater or whatever it is - and I just flat out loose it - you cut me some slack a’ight.

Dad had an uncanny gift for service.  Service, i’ve read, is one of the “love languages” - and that is how he was best able to show us just how MUCH he loved us.  And it suited him - “actions speak louder than words”.  As you remember how much my father has done for you - try not to get caught feeling a great debt for his service - he was HAPPY to do it.  It was his gift.  He loves you very much.