Nova Pollinate

An OpenStack Nova dynamic vendor data provider

This Python package provides a dynamic vendordata plugin for the OpenStack Nova metadata service for the Nectar Research Cloud.

Overview

Nova Pollinate is a standalone project that provides dynamic vendor data to OpenStack server instances.

The Nova metadata service can be configured to query this service, which can then return metadata to servers, based on context information provided by Nova.

Context provided by Nova

• project-id the UUID of the project that owns the instance
• instance-id the UUID of the instance
• image-id the UUID of the image used to boot this instance
• user-data as specified by the user at boot time
• hostname the hostname of the instance
• metadata as specified by the user at boot time

Configuration

Pollinate expects a configuration file at: /etc/nova-pollinate/nova-pollinate.conf

A well documented sample configuration file can be generated by running: tox -e genconfig

Pollinate requires two sets of Keystone credentials to be configured. One for validating Keystone auth tokens ([keystone_authtoken]) and another for making API requests to Keystone ([service_auth]). In many cases, these can be the same credentials, if using a service account.

Pollinate requires a list of providers to use for providing the data. This is set as the providers key under the [DEFAULT] section.

Entries in this list are comma separated, fully-qualified paths to Python classes, in dot notation.

For example:

[DEFAULT]
providers = pollinate.providers.keystone.KeystoneProvider,pollinate.providers.test_provider.TestProvider

Providers from other Python modules can be used in this way, if they subclass the pollinate.providers.PollinateProvider class.

Nova configuration

For Nova to query the Pollinate service, it needs to be configured with the URL details, such as:

[api]
vendordata_providers = DynamicJSON
vendordata_dynamic_targets = 'nectar@http://127.0.0.1:8612/'

When using Keystone authentication (default), you'll also need to provide some service credentials.

[vendordata_dynamic_auth]
# Options within this group control the authentication of the vendordata
# subsystem of the metadata API server (and config drive) with external
# systems.
auth_type = password
auth_url = < keystone auth url >
username = < service user >
password = < service user password  >
project_name = < service project >
user_domain_name = < service user domain >
project_domain_name = < service project domain >

Development

Testing

Environment variables will be loaded from .env in the project root directory

workon pollinate
pip install -r requirements.txt
flask run

Load the dev admin credentials

chcreds coreservices/development/admin

OS_TOKEN=$(openstack token issue -c id -f value)
curl -X POST -H "X-Auth-Token: $OS_TOKEN" \
    -H "HTTP_X_IDENTITY_STATUS: Confirmed" \
    -H "Content-Type: application/json" \
    --data '{"project-id": "c64856ec10154662a7fce6e0a36be242", "image-id": "47446046-f6ce-404e-a591-d72310fac1bf", "instance-id": "68347e42-b5b1-4e25-a541-a39a0ebb6b34"}' \
    http://localhost:8612/