openstack/ec2-api
Code Issues Proposed changes
RETIRED, AWS EC2 and VPC API support in standalone service for OpenStack.
297 Commits 10 Branches 28 Tags 12 MiB
5332325708
Go to file
Alexandre Levine 5332325708 Fixes in security_groups. 
Fixed exception for orphan "vpc-..."-named groups in describe.
Added check for not deleting default VPC group.
Added check for not deleting VPC if non-default groups exist.
Added check for not allowing creation of groups with existing names.

Change-Id: Ia205ff65409577d148c08b40a297d521d8a8acb1
2015-04-02 18:18:20 +04:00
devstack Add metadata to services list for devstack plugin 2015-03-24 11:42:20 +03:00
ec2api Fixes in security_groups. 2015-04-02 18:18:20 +04:00
etc/ec2api Refresh config sample 2015-03-21 01:20:59 +03:00
rally-scenarios Add images describing to rally scenarios 2015-03-02 13:20:24 +03:00
tools follow oslo 2015-02-26 22:04:09 +03:00
.gitignore add first functional test with infrastructure 2015-02-08 10:16:48 +03:00
.gitreview Added .gitreview 2014-06-25 19:24:05 +00:00
.testr.conf Add more tests 2015-02-10 16:24:43 +03:00
babel.cfg Initial EC2-API service commit. 2014-07-18 19:33:55 -07:00
HACKING.rst Initial EC2-API service commit. 2014-07-18 19:33:55 -07:00
install.sh set current user as owner for LOGDIR 2015-03-24 11:39:48 +03:00
LICENSE Initial EC2-API service commit. 2014-07-18 19:33:55 -07:00
MANIFEST.in Initial EC2-API service commit. 2014-07-18 19:33:55 -07:00
openstack-common.conf follow oslo 2015-02-26 22:04:09 +03:00
README.rst Fix spelling 2015-03-26 16:50:21 +03:00
requirements.txt add metadata test and fix metadata logic 2015-03-25 12:03:19 +03:00
run_tests.sh Initial EC2-API service commit. 2014-07-18 19:33:55 -07:00
setup.cfg Fix metadata setup 2015-03-20 13:26:13 +03:00
setup.py Initial EC2-API service commit. 2014-07-18 19:33:55 -07:00
test-requirements.txt Update requirements 2015-03-24 11:42:20 +03:00
tox.ini follow oslo 2015-02-26 22:04:09 +03:00

README.rst

OpenStack EC2 API README

Support of EC2 API for OpenStack. This project provides a standalone EC2 API service which pursues two goals: 1. Implement VPC API which is now absent in nova's EC2 API 2. Create a standalone service for EC2 API support which accommodates not only the VPC API but the rest of the EC2 API currently present in nova as well.

It doesn't replace existing nova EC2 API service in deployment, it gets installed to a different port (8788 by default).

Installation =====

Run install.sh

The EC2 API service gets installed on port 8788 by default. It can be changed before the installation in install.sh script.

The services afterwards can be started as binaries:

/usr/bin/ec2-api
/usr/bin/ec2-api-metadata

or set up as Linux services.

To configure OpenStack for EC2 API metadata service:

for Nova-network

add:

[DEFAULT]
metadata_port = 8789
[neutron]
service_metadata_proxy = True

to /etc/nova.conf

then restart nova-metadata (can be run as part of nova-api service) and nova-network services.

for Neutron

add:

[DEFAULT]
nova_metadata_port = 8789

to /etc/neutron/metadata_agent.ini

then restart neutron-metadata service.

Usage

Download aws cli from Amazon. Create configuration file for aws cli in your home directory ~/.aws/config:

[default]
aws_access_key_id = 1b013f18d5ed47ae8ed0fbb8debc036b
aws_secret_access_key = 9bbc6f270ffd4dfdbe0e896947f41df3
region = us-east-1

Change the aws_access_key_id and aws_secret_acces_key above to the values appropriate for your cloud (can be obtained by "keystone ec2-credentials-list" command).

Run aws cli commands using new EC2 API endpoint URL (can be obtained from keystone with the new port 8788) like this:

aws --endpoint-url http://10.0.2.15:8788/services/Cloud ec2 describe-instances

Limitations

General: - DryRun option is not supported. - Some exceptions are not exactly the same as reported by AWS.

Not supported functionality features: - VPN - Network ACL - VPC Peering connection - Classic Link - Reserved Instances - Spot Instances - Placement Groups - Monitoring Instances and Volumes - Instances Tasks - Bundle, Export, Import

Availability zone related: - messages AvailabilityZone property - regionName AvailabilityZone property

Image related: - CopyImage - ResetImageAttribute - creationDate Image property - platform Image property - productCodes Image property - description Image property - hypervisor Image property - imageOwnerAlias Image property - sriovNetSupport Image property - stateReason Image property - virtualizationType Image property - encrypted EbsBlockDevice property - iops EbsBlockDevice property - volumeType EbsBlockDevice property - selective filtering by Image Owner

Instance related: - DescribeInstanceStatus - ReportInstanceStatus - ModifyInstanceAttribute - ResetInstanceAttribute - productCodes Instance property - sourceDestCheck Instance property - ebsOptimized Instance property - sriovNetSupport Instance property - monitoring Instance property - placement Instance property - platform Instance property - publicDnsName Instance property - stateTransitionReason Instance property - architecture Instance property - ebsOptimized Instance property - hypervisor Instance property - iamInstanceProfile Instance property - instanceLifecycle Instance property - spotInstanceRequestId Instance property - stateReason Instance property - virtualizationType Instance property - instanceInitiatedShutdownBehavior Instance attribute - disableApiTermination Instance attribute - attachTime EbsInstanceBlockDevice property

Network interface related: - availabilityZone NetworkInterface property

Snapshot related: - CopySnapshot - ModifySnapshotAttribute - ResetSnapshotAttribute - encryption Snapshot property - kmsKeyId Snapshot property - ownerAlias Snapshot property - selective filtering by Snapshot Owner, RestorableBy

Subnet related: - ModifySubnetAttribute - availabilityZone Subnet property - defaultForAz Subnet property - mapPublicIpOnLaunch Subnet property

Volume related: - DescribeVolumeAttribute - DescribeVolumeStatus - ModifyVolumeAttribute - kmsKeyId Volume property - iops Volume property - deleteOnTermination property (supported for describing instances only) - volumeType (current implementation isn't AWS compatible) Volume property

VPC related: - describeVpcAttribute - modifyVpcAttribute - instanceTenancy VPC property

DescribeAccountAttributes result properties: - pc-max-security-groups-per-interface AccountAttribute property - max-elastic-ips AccountAttribute property - vpc-max-elastic-ips AccountAttribute property

Supported Features

EC2 API with VPC API except for the limitations above.

Additions to the legacy nova's EC2 API include: 1. VPC API 2. Filtering 3. Tags

Legacy OpenStack release notice

EC2 API supports Havana, Icehouse, Juno with additional limitations:

Instance related: - rootDeviceName Instance property - kernelId Instance property - ramdiskId Instance property - userData Instance property - hostName Instance property - reservationId Reservation property (ec2api own ids are generated for instances launched not by ec2api) - launchIndex Instance property (0 for instances launched not by ec2api)

Volume related: - deleteOnTermination property

Network interface related: - deleteOnTermination (False value can be assigned but doesn't supported)

All these properties can be specified in RunInstance command though, they are not reported in describe operations.

EC2 API supports Nova client (>=2.16.0) with no microversion support. Additional limitations are the same, except network interfaces' deleteOnTermination.

References

Blueprint: https://blueprints.launchpad.net/nova/+spec/ec2-api

Spec: https://review.openstack.org/#/c/147882/