A modern dashboard for OpenStack - API server
Go to file
Wenxiang Wu b1a693d0a3 docs: add FAQ in README.rst
Closes-Bug: #2049807
Change-Id: I9beb1c1e7ba2d8c0378d4eabe8dbd05ffeb06c69
2024-01-24 06:04:49 +00:00
.vscode chore: Remove poetry 2022-05-25 22:26:42 +08:00
container refactor: Prefer separate LABEL instructions 2023-12-01 14:02:00 +01:00
devstack fix: Add GLOBAL_VENV into skyline devstack plugin script 2023-08-18 13:12:31 +08:00
doc Update the installation documentation 2023-11-01 13:32:10 +08:00
etc Update the installation documentation 2023-11-01 13:32:10 +08:00
kolla docs: update kolla-ansible deploy skyline steps 2023-07-07 17:37:01 +08:00
playbooks/devstack chore: Remove poetry 2022-05-25 22:26:42 +08:00
releasenotes feat: Add default_project_id 2023-11-17 18:22:54 +08:00
skyline_apiserver fix: user login failure due to no role assignment to its default project 2024-01-18 15:51:40 +08:00
spec docs: bp-2024-h1-todo-list.md 2024-01-17 13:46:22 +08:00
tools support masakari and designate 2023-10-25 17:23:50 +08:00
.dockerignore feat: Add doc base frame 2022-07-29 14:31:57 +08:00
.gitignore feat: Add doc base frame 2022-07-29 14:31:57 +08:00
.gitreview fix: update skyline nginx log file address 2022-02-09 16:42:42 +08:00
.isort.cfg chore: Remove poetry 2022-05-25 22:26:42 +08:00
.zuul.yaml feat: Add doc base frame 2022-07-29 14:31:57 +08:00
bindep.txt feature: Add ZUUL JOBs 2021-08-25 15:01:17 +08:00
LICENSE feat: Add initial code of skyline-apiserver 2021-06-01 23:39:57 +08:00
Makefile fix: remove console tarball before downloading 2024-01-17 13:38:27 +08:00
MANIFEST.in fix: Add MANIFEST.in and remove templates from packages 2022-07-21 13:42:09 +08:00
mypy.ini feat: Support mypy check 2022-07-28 16:09:31 +08:00
pytest.ini chore: Remove poetry 2022-05-25 22:26:42 +08:00
README-zh_CN.rst Update the installation documentation 2023-11-01 13:32:10 +08:00
README.rst docs: add FAQ in README.rst 2024-01-24 06:04:49 +00:00
requirements.txt Revert "fix SQLAlchemy version" 2024-01-23 11:16:15 +01:00
setup.cfg fix: Add MANIFEST.in and remove templates from packages 2022-07-21 13:42:09 +08:00
setup.py chore: Remove poetry 2022-05-25 22:26:42 +08:00
swagger.json feat: Add default_project_id 2023-11-17 18:22:54 +08:00
test-requirements.txt Update requirements and test-requirements 2023-03-27 13:12:25 +08:00
tox.ini fix: eliminate whitespace in passenv values 2023-01-03 17:03:32 +08:00

Skyline API Server

English | 简体中文

Skyline is an OpenStack dashboard optimized by UI and UE, support OpenStack Train+. It has a modern technology stack and ecology, is easier for developers to maintain and operate by users, and has higher concurrency performance.

Skyline's mascot is the nine-color deer. The nine-color deer comes from Dunhuang mural “the nine-color king deer”, whose moral is Buddhist cause-effect and gratefulness, which is consistent with 99cloud's philosophy of embracing and feedback community since its inception. We also hope Skyline can keep light, elegant and powerful as the nine-color deer, to provide a better dashboard for the openstack community and users.

image0

Table of contents

Resources

Quick Start

Prerequisites

  • An OpenStack environment that runs at least core components and can access OpenStack components through Keystone endpoints
  • A Linux server with container engine (docker or podman) installed

Configure

  1. Edit the /etc/skyline/skyline.yaml file in linux server

    You can refer to the sample file, and modify the following parameters according to the actual environment

    • database_url
    • keystone_url
    • default_region
    • interface_type
    • system_project_domain
    • system_project
    • system_user_domain
    • system_user_name
    • system_user_password

Deployment with Sqlite

  1. Run the skyline_bootstrap container to bootstrap

    rm -rf /tmp/skyline && mkdir /tmp/skyline && mkdir /var/log/skyline
    
    docker run -d --name skyline_bootstrap -e KOLLA_BOOTSTRAP="" -v /var/log/skyline:/var/log/skyline -v /etc/skyline/skyline.yaml:/etc/skyline/skyline.yaml -v /tmp/skyline:/tmp --net=host 99cloud/skyline:latest
    
    # Check bootstrap is normal `exit 0`
    docker logs skyline_bootstrap
  2. Run the skyline service after bootstrap is complete

    docker rm -f skyline_bootstrap

    If you need to modify skyline port, add -e LISTEN_ADDRESS=<ip:port> in the following command

    LISTEN_ADDRESS defaults to 0.0.0.0:9999

    If you need to modify the policy rules of a service, add -v /etc/skyline/policy:/etc/skyline/policy in the following command

    Rename the service policy yaml file to <service_name>_policy.yaml, and place it in /etc/skyline/policy folder

    docker run -d --name skyline --restart=always -v /var/log/skyline:/var/log/skyline -v /etc/skyline/skyline.yaml:/etc/skyline/skyline.yaml -v /tmp/skyline:/tmp --net=host 99cloud/skyline:latest

Deployment with MariaDB

https://docs.openstack.org/skyline-apiserver/latest/install/docker-install-ubuntu.html

API Doc

You can visit the API doc https://<ip_address>:9999/api/openstack/skyline/docs

Test Access

You can now access the dashboard: https://<ip_address>:9999

Develop Skyline-apiserver

Support Linux & Mac OS (Recommend Linux OS) (Because uvloop & cython)

Dependent tools

Use the new feature Context Variables of python37 & uvloop(0.15.0+ requires python37). Considering that most systems do not support python37, we choose to support python38 at least.

  • make >= 3.82
  • python >= 3.8
  • node >= 10.22.0 (Optional if you only develop with apiserver)
  • yarn >= 1.22.4 (Optional if you only develop with apiserver)

Install & Run

  1. Installing dependency packages

    tox -e venv
  2. Set skyline.yaml config file

    cp etc/skyline.yaml.sample etc/skyline.yaml
    export OS_CONFIG_DIR=$(pwd)/etc

    Maybe you should change the params with your real environment as followed:

    - database_url
    - keystone_url
    - default_region
    - interface_type
    - system_project_domain
    - system_project
    - system_user_domain
    - system_user_name
    - system_user_password

    If you set such as sqlite:////tmp/skyline.db for database_url , just do as followed. If you set such as mysql://root:root@localhost:3306/skyline for database_url , you should refer to steps 1 and 2 of the chapter Deployment with MariaDB at first.

  3. Init skyline database

    source .tox/venv/bin/activate
    make db_sync
    deactivate
  4. Run skyline-apiserver

    $ source .tox/venv/bin/activate
    $ uvicorn --reload --reload-dir skyline_apiserver --port 28000 --log-level debug skyline_apiserver.main:app
    
    INFO:     Uvicorn running on http://127.0.0.1:28000 (Press CTRL+C to quit)
    INFO:     Started reloader process [154033] using statreload
    INFO:     Started server process [154037]
    INFO:     Waiting for application startup.
    INFO:     Application startup complete.

    You can now access the online API documentation: http://127.0.0.1:28000/docs.

    Or, you can launch debugger with .vscode/lauch.json with vscode.

  5. Build Image

    make build

Devstack Integration

Fast integration with Devstack to build an environment.

Kolla Ansible Deployment

Kolla Ansible to build an environment.

image1

FAQ

  1. Policy

    Q: Why common user could login, but could list the nova servers?

    Bug #2049807

    Symptom:
    -----------------------------------
    1. Login Horizon with common user A, list servers OK.
    2. Login Skyline with same common user A, could list the nova servers, F12 show no http requests sent from network, however webpage show 401, do not allow to list servers
    
    Root Cause Analysis:
    -----------------------------------
    1. Horizon don't know whether a user could do an action at a resource or not. It simply pass request to recording service, & service (Nova) do the check by its policy file. So it works.
    2. Skyline check the action by itself, with /policy API. If you do not configure it, the default value follows community, like: https://docs.openstack.org/nova/2023.2/configuration/sample-policy.html
    
    How to fix:
    -----------------------------------
    1. By default, list servers need "project_reader_api": "role:reader and project_id:%(project_id)s"
    2. You should config your customized role, for example: member, _member_, projectAdmin, etc, create implied reader role. "openstack implied role create --implied-role member projectAdmin", or "openstack implied role create --implied-role reader _member_"
    
    # openstack implied role list
    +----------------------------------+-----------------+----------------------------------+-------------------+
    | Prior Role ID | Prior Role Name | Implied Role ID | Implied Role Name |
    +----------------------------------+-----------------+----------------------------------+-------------------+
    | fe21c5a0d17149c2a7b02bf39154d110 | admin | 4376fc38ba6a44e794671af0a9c60ef5 | member |
    | 4376fc38ba6a44e794671af0a9c60ef5 | member | e081e01b7a4345bc85f8d3210b95362d | reader |
    | bee8fa36149e434ebb69b61d12113031 | projectAdmin | 4376fc38ba6a44e794671af0a9c60ef5 | member |
    | 77cec9fc7e764bd4bf60581869c048de | _member_ | e081e01b7a4345bc85f8d3210b95362d | reader |
    +----------------------------------+-----------------+----------------------------------+-------------------+