Monday, October 13, 2014

Ingredients of OpenStack API

In VMworld 2014, VMware announced a new product VMware Integrated OpenStack.  Currently this product is still in beta and will be available in the first quarter of 2015.

OpenStack has been a popular technology for private cloud orchestration.  In this article OpenStack is described as a modular architecture that currently has eleven components: 

  • Nova - provides virtual machines (VMs) upon demand.
  • Swift - provides a scalable storage system that supports object storage.
  • Cinder - provides persistent block storage to guest VMs.
  • Glance - provides a catalog and repository for virtual disk images.
  • Keystone - provides authentication and authorization for all the OpenStack services.
  • Horizon - provides a modular web-based user interface (UI) for OpenStack services.
  • Neutron - provides network connectivity-as-a-service between interface devices managed by OpenStack services.
  • Ceilometer - provides a single point of contact for billing systems.
  • Heat - provides orchestration services for multiple composite cloud applications.
  • Trove - provides database-as-a-service provisioning for relational and non-relational database engines.

 Image Source:

Each component needs to obtain an authentication token from the Keystone module and this is accomplished by API.  OpenStack APIs are used to create and manage resource of each of these modules.  If we want to dig deeper into OpenStack, it is essential that we know more about OpenStack APIs. 

This OpenStack Wiki page has a good description on OpenStack API.  It stated that OpenStack API is the Management and Control plane for a Cloud Infrastructure built using the various components (see above).  A few things were mentioned about OpenStack API:
  • it is REST-ful
  • JSON based
  • Each core project will expose one or more RESTful interface for the purpose of interacting with the outside world.

Let’s look at some of the ingredients that make up of OpenStack API.

REST stands for Representational State Transfer and it is an architecture that generally runs over HTTP.  REST can be looked at as a light weighted web services

Good articles for REST can be found in here and here.

REST APIs are used by many “well known” applications such as PayPal, Twitter and Facebook, Google and mobile devices.  The list can go on and on.

In the context of OpenStack we can see that RESTful APIs has the following characteristics:
  • Stateless
  • Use of URI to expose resources
  • Noun based protocol e.g. GET, POST, DELETE etc
Besides being used by the various OpenStack components for management and control, REST API is heavily used by the Swift component for operations such as creation, deletion and/or retrieval of the object storage elements.

JSON stands for JavaScript Object Notation and it is a lightweight data-interchange format.  The official website for JSON is here. It mentioned that JSON is built on 2 structures:
  • A collection of name/value pairs
  • An ordered list of values

Scott Lowe has a nice article on JSON as well as links to other useful page for getting to know JSON.

This picture shows how JSON is used in RESTful API
 image source:

WSGI stands for Web Server Gateway Interface is a specification for simple and universal interface between web servers and web applications or frameworks for Pythons according to Wikipedia. 

OpenStack is written in Python and WSGI is a natural fit if an OpenStack component needs to implement a web based framework to handle the RESTful HTTP request and to provide the response.  It can be looked as a “Middle-ware” for the module.

This may not be directly related to OpenStack API, we can find WSGI modules in the Nova and Neutron component as well as the Swift component.

The Ceilometer components, however, used Flask instead of the WSGI framework.

OpenStack API is a very powerful tool.  One aspect that we cannot ignore is security. 

At the very least for the RESTful HTTP based OpenStack API can be configured to use HTTPS instead of HTTP.

RESTful HTTP API has 3 kinds of message authentication method:
  • Basic HTTP
  • OAuth
  • None

I have not looked at OAuth but this is used extensively in OpenStack.

In Keystone (OpenStack Identity Service), the identity-api is in fact the entry point for all service API in which Keystone issue a token to client and this token is used for any API calls to the OpenStack API end points such as nova-api, glance-api , neutron-api … etc.


  1. Hi Anthony,

    Gasping at your brilliance! Thanks, a tonne for sharing all that content. Can’t stop reading. Honestly!

    I am getting the below error when tried to install any lib like urllib,urlib2,request etc
    my OS is Windows:7 / 64 Bit .

    A lambda form in python does not have statements as it is used to make new function object and then return them at runtime. It is a single expression anonymous function often used as inline function.

    What could be the reason, can you guys help me?
    Python Code: (Double-click to select all)
    1 C:\Program Files\Python36\Scripts>pip install urllib
    Traceback (most recent call last):
    File "c:\program files\python36\lib\", line 193, in _run_module_as_mai
    "__main__", mod_spec)
    File "c:\program files\python36\lib\", line 85, in _run_code
    exec(code, run_globals)
    File "C:\Program Files\Python36\Scripts\pip.exe\", line 5, in
    ImportError: cannot import name 'main'

    I read multiple articles and watched many videos about how to use this tool - and was still confused! Your instructions were easy to understand and made the process simple.


  2. Very good written information. It will be valuable to anybody who employees it, as well as yours truly :). Keep up the good work ? for sure i will check out more posts. 카지노

  3. Magnificent beat ! I wish to apprentice while you amend your web site, how could i subscribe for a blog web site?
    The account aided me a acceptable deal. I had been a little bit acquainted
    of this your broadcast provided bright clear concept 메이저사이트

  4. What’s up to all, it’s genuinely a fastidious for me to visit this website, it consists of priceless Information 스포츠토토

  5. The ingredients of OpenStack API are its key components that facilitate seamless cloud operations. How Hack Mobile Keystone for identity management, Nova for compute resources, Neutron for networking, Glance for image services.