Initial AWS EC2 docs

Sebastien Goasquen 2012-09-23 09:13:45 -04:00 committed by David Nalley
parent 96c7e3fddc
commit 56b4ac184f
16 changed files with 694 additions and 836 deletions


@ -1,68 +0,0 @@
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-----------------------------------------------------------
1. Get the EC2 API tool
http://s3.amazonaws.com/ec2-downloads/ec2-api-tools-1.3-62308.zip. Install it by unzipping it
2. Prepare a API request certificate, if you have Amazon account, Amazon has the service to let you generate and download a X509 certificate and its associated private key
3. Prepare EC2 command running environment
Set following environment variables and make them point to the right location.
EC2_ACCESS_KEY=<CloudStack API key>
EC2_SECRET_KEY=<CloudStack Secret key>
EC2_HOME: <full path to your EC2 API tool installation directory>
EC2_CERT: <full path to your certficate file>
EC2_PRIVATE_KEY: <full path to your private key file for the certficate>
EC2_URL: http://<CloudBridge server address>/bridge/AmazonEC2
4. Generate CloudStack API key
Login to CloudStack management console, you can generate an API key and its secret key pair there.
5. Inform CloudBridge about the API/security key pair to use
http://<CloudBridge server address>/bridge/rest/AmazonEC2?Action=SetUserKeys&accesskey=<key>&secretkey=<key>
6. Upload certificate and associate it with the API key
There is not a convenient tool to do that, this has to be done in manual step. following HTML form can be used to submit the certificate, be sure to replace the content
matching with your setup though.
to ec2-service.properties
<HTML>
<BODY>
Save the cert into Cloud's EC2 Service:
<P>
<FORM name="setcert" action="http://<CloudBridge server address>/bridge/rest/AmazonEC2" method="get">
<input type="hidden" name="Action" value="SetCertificate"/>
<input type="hidden" name="AWSAccessKeyId" value="<your API key>" />
<input type="hidden" name="SignatureMethod" value="HmacSHA1" />
<input type="hidden" name="SignatureVersion" value="2" />
<input type="hidden" name="Expires" value="2010-11-15T10:10:10Z" />
<input type="hidden" name="Timestamp" value="2011-11-15T10:10:10Z" />
<input type="hidden" name="Version" value="2010-08-31" />
<input type="hidden" name="Signature" value="7KUYxW5YOpUZyZGCP49BudZraGU=" />
<TEXTAREA name="cert" cols=100 rows=20></TEXTAREA>
<P>
<input type="submit" value="Submit" />
</FORM>
</BODY>
</HTML>
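Review bot: Steps 5 and 6 of this removed guide put credentials on the URL of a plain http:// endpoint. Step 5 sends the secret key as a query parameter ("?Action=SetUserKeys&accesskey=<key>&secretkey=<key>"), and the step 6 form submits the certificate with method="get". Query strings are kept in browser history, proxy logs and server access logs, so whatever replaces this file should show an https:// endpoint and should not copy these lines as they stand. The form also hard-codes a Signature value together with Expires 2010-11-15 and Timestamp 2011-11-15 (Expires is earlier than Timestamp); a fixed Signature will not match a reader's own key and parameters, so a replacement should explain how the signature is computed instead of shipping a literal. The line "to ec2-service.properties" just before <HTML> reads like a leftover fragment.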


@ -1,164 +0,0 @@
<HTML>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<HEAD>
<TITLE>Cloud.com's EC2 API Implementation Guide</TITLE>
</HEAD>
<BODY>
<H1>Cloud.com's EC2 API Implementation Guide</H1>
3/24/2011
<H2>Table of Contents</H2>
<UL>
<LI><A href="#conf">1. Configuration Parameters</A></LI>
<LI><A href="#party">2. Required 3rd Party Software</A></LI>
<LI><A href="#maintenace">3. Maintenance</A></LI>
<LI><A href="#install">4. Installation Instructions</A></LI>
<LI><A href="#refs">5. References</A></LI>
</UL>
<P>
<H2 id="conf">1. Configuration Parameters</H2>
Several configuration parameters are required to make Cloud.com's EC2 service work properly.
The following parameters are defined in the file:</BR> &lt;install directory>"/apache-tomcat-6.0.18/conf/ec2-service.properties":
<pre>
managementServer=192.168.154.36
cloudAPIPort=8080
WSDLVersion=2010-08-31
keystore=xes.keystore
keystorePass=apache
dbName=cloudsbridge
dbUser=root
dbPassword=
pollInterval1=100
pollInterval2=100
pollInterval3=100
pollInterval4=1000
pollInterval5=100
pollInterval6=100
</pre>
<I>managementServer</I> - FQDN or IP address of a Cloud.com management server. This is the address that
the EC2 service makes Cloud.com REST API calls against.</BR>
<I>cloudAPIPort</I> - The TCP port that the CloudStack, User API is running on. If this property is not defined,
then no port is used by the EC2 service when it queries the CloudStack.</BR>
<I>WSDLVersion</I> - The string that defines the WSDL used by the SOAP API which the REST API also implements.
This string is compared to the "Version=" parameter on each and every authorized REST request.</BR>
<I>keystore</I> - The file name of the keystore used by EC2 which must be placed at the directory:
"../apache-tomcat-6.0.18/webapps/bridge/WEB-INF/classes"</BR>
<I>keystorePass</I> - The password to the EC2 keystore specified by the "keystore" parameter.</BR>
<I>dbName</I> - The MySql database name holding the EC2 service's required tables.</BR>
<I>dbUser=</I> - The user name used to access the "dbName" MySql database.</BR>
<I>dbPassword</I> - The password (if any) the "dbUser" needs to access the EC2 MySql database.</BR>
<I>pollInterval1</I> - Time in milliseconds between asynchronous job completion polling for the following Cloud.com
API call: createTemplate. Default value is 100.</BR>
<I>pollInterval2</I> - Time in milliseconds between asynchronous job completion polling for the following Cloud.com
API call: deployVirtualMachine. Default value is 100.</BR>
<I>pollInterval3</I> - Time in milliseconds between asynchronous job completion polling for the following Cloud.com
API call: createVolume. Default value is 100.</BR>
<I>pollInterval4</I> - Time in milliseconds between asynchronous job completion polling for the following Cloud.com
API call: createSnapshot. Default value is 1000.</BR>
<I>pollInterval5</I> - Time in milliseconds between asynchronous job completion polling for the following Cloud.com
API calls: deleteSnapshot, deleteTemplate, deleteVolume, attachVolume, detachVolume, disassociateIpAddress, enableStaticNat, disableStaticNat. Default value is 100.</BR>
<I>pollInterval6</I> - Time in milliseconds between asynchronous job completion polling for the following Cloud.com
API calls: startVirtualMachine, destroyVirtualMachine, stopVirtualMachine. Default value is 100.</BR>
<P>
<BR>
The following REST calls are used to configure a mapping between Amazon's instance types and CloudStack service offerings:
<P>
http://&lt;fqdn-or-ip&gt;:&lt;port&gt;/bridge/rest/AmazonEC2?Action=SetOfferMapping&amazonoffer=m1.large&cloudoffer=1<BR>
<P>
The 'amazonoffer' parameter defines the standard Amazon instance types while the 'cloudoffer' parameter defines its associated
CloudStack service offering identifer. The result of this REST call is to save the defined relationship. A second call with the
same value for amazonoffer but with a different cloudoffer value will overwrite a previously saved setting.
<BR>
SetOfferMapping is an authenticated REST call using the same authentication scheme as all other EC2 REST calls. This means that the following standard EC2 REST paramters must also be part of the request: Signature, SignatureMethod, Version, SignatureVersion, and Expires.
A HTTP 200 result code is returned on success and a 404 on failure.
<P>
http://&lt;fqdn-or-ip&gt;:&lt;port&gt;/bridge/rest/AmazonEC2?Action=DeleteOfferMapping&amazonoffer=m1.large<BR>
<P>
The result of this REST call is to delete any relationship previously defined by a call to the SetOfferMapping call for the
value passed in the 'amazonoffer' parameter.<BR>
DeleteOfferMapping is an authenticated REST call using the same authentication scheme as all other EC2 REST calls. This means that the following standard EC2 REST paramters must also be part of the request: Signature, SignatureMethod, Version, SignatureVersion, and Expires.
A HTTP 200 result code is returned on success and a 404 on failure.
<P>
Examples of other Amazon instance types are:
{ "m1.small", "m1.large", "m1.xlarge", "c1.medium", "c1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge" }.</BR>
Service offering IDs can be obtained from the following Cloud.com API calls: listServiceOfferings.
Cloud.com's service offerings are configurable and thus can be different per installation, and they
can also be viewed from the Cloud.com's Admin UI.
<P>
<H2 id="party">2. Required 3rd Party Software</H2>
Cloud.com's EC2 service has been built and tested on the following set of 3rd party software:
<pre>
MySql
apache-tomcat 6.0.18
axis2 1.5.1
rampart 1.5 (installed into axis2 for WS-Security)
used for testing: ec2-api-tools-1.3-53907
</pre>
<P>
<H2 id="maintenace">3. Maintenance</H2>
As a result of the SetCertificate REST call <A href="#ref1">[1]</A>, X509 Certificates used for SOAP authentication are
stored in the following keystore:
<pre>
&lt;install directory>/apache-tomcat-6.0.18/webapps/bridge/WEB-INF/classes/xes.keystore
</pre>
The keytool <A href="#ref2">[2]</A> command line tool can be used to delete certificates no longer in use.
<P>
As a result of the SetUserKeys REST call <A href="#ref1">[1]</A>, entries are inserted into
the "usercredentials" table of the "cloudbridge" MySql database.
The MySql command line client can be used to delete usercredentials entries no longer in use.
<P>
<H2 id="install">4. Installation Instructions</H2>
<P>
On the very first install an EC2/S3 MySql database is created by running the following
scripts in the given order: cloudsbridge_db.sql, cloudsbridge_schema.sql, cloudbridge_index.sql
<P>
After a successful installation the following directory and file structure should exist:
<pre>
&lt;install directory>
apache-tomcat-6.0.18
conf
ec2-service.properties (EC2 service's configuration parameters)
server.xml
lib
&lt;many axis2 jar files>
webapps
bridge
WEB-INF
classes
crypto.properties
xes.keystore (holds X509 certificates for SOAP authentication)
modules
cloud-auth-ec2.mar
rampart-1.5.mar
rahas-1.5.mar
addressing-1.5.1.mar
services
cloud-ec2.aar (the Axis2 EC2 service)
</pre>
The "../modules/cloud-auth-ec2.mar" module performs a mapping from an X509 certificate appearing in a SOAP
request (since its signed via WS-Security) to a matching user's Cloud.com API access and secret keys. This association
is first created via the SetUserKeys and SetCertificate REST calls [1].
<P>
<H2 id="refs">5. References</H2>
<OL>
<LI id="ref1">Cloud.com's EC2 API User's Guide, 7/15/2010</LI>
<LI id="ref2"><A href="http://download.oracle.com/docs/cd/E17476_01/javase/1.4.2/docs/tooldocs/windows/keytool.html">keytool - Key and Certificate Management Tool</A></LI>
</OL>
</BODY>
</HTML>
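Review bot: The sample ec2-service.properties in section 1 shows "dbUser=root" with an empty "dbPassword=" and "keystorePass=apache", and none of the parameter descriptions tells the reader to change them. If the replacement docs carry a sample config, use placeholders, a dedicated database account, and a sentence that the keystore password must be set per installation, since xes.keystore holds the X509 certificates used for SOAP authentication. One inconsistency should be fixed rather than copied: the sample sets "dbName=cloudsbridge" while section 3 refers to the "cloudbridge" database, and section 4 mixes cloudsbridge_db.sql with cloudbridge_index.sql. Please also check that the mapping of pollInterval1 to pollInterval6 onto API calls survives somewhere, because the property names alone do not say which call each one governs.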


@ -1,92 +0,0 @@
<HTML>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<HEAD>
<TITLE>Cloud.com's EC2 local deployment Guide</TITLE>
</HEAD>
<BODY>
<H1>Cloud.com's EC2 local deployment Guide</H1>
8/30/2010
8/25/2011 (updated)
<H2>Table of Contents</H2>
<UL>
<LI><A href="#prereq">1. Required 3rd Party Software</A></LI>
<LI><A href="#git">2. Clone repository</A></LI>
<LI><A href="#build">3. Build, deploy and run cloud-bridge with ant</A></LI>
</UL>
<P>
<H2 id="prereq">1. Required 3rd Party Software</H2>
1) Following software has to be installed in order to deploy and run cloud-bridge tool:
<pre>
apache-tomcat-6.0.32
axis2 1.5.1 (http://apache.imghat.com//ws/axis2/1_5/axis2-1.5-bin.zip)
ant
java
mysql
</pre>
2) Set following environment variables:
<pre>
ANT_HOME
CATALINA_HOME
export ANT_HOME
export JAVA_HOME
</pre>
3) Go to CATALINA_HOME directory and excute “mkdir temp” (this directory is used for storing temporary axis files)
<P>
<H2 id="git">2. Clone repository</H2>
Clone cloud-bridge repository:
<pre>
git clone git@github.com:alena11081/cloud-bridge.git
</pre>
<P>
<H2 id="build">3. Build, deploy and run cloud-bridge with ant</H2>
Deployment procedure using ant (build.xml and build-cloud-bridge.xml are config files), execute from cloned cloud-bridge directory:.
<pre>
* ant clean - removes dist directory
* ant clean-tomcat - cleans up $CATALINA_HOME/webapps/bridge directory
* ant build-cloud-bridge compiles and places the resulting jars into cloud-bridge/dist:
ls dist/
cloud-auth-ec2.mar cloud-auth-s3.mar cloud-bridge.jar cloud-ec2.aar cloud-s3.aar
* deploy-axis - copies and unwars cloud-bridge/lib/axis2-webapp-1.5.1.war to $CATALINA_HOME/webapps/bridge directory
<b>ant deploy-cloud-bridge</b> copies files to $CATALINA_HOME/webapps/bridge tomcat directory:
- copy cloud-bridge/dist/cloud-ec2.aar and cloud-s3.aar to $CATALINA_HOME/webapps/bridge/WEB-INF/services
- copy cloud-bridge/dist/cloud-auth-ec2.mar and cloud-auth-s3.mar to $CATALINA_HOME/webapps/bridge/WEB-INF/modules
- copy all .mar files from cloud-bridge/modules to $CATALINA_HOME/webapps/bridge/WEB-INF/modules
- copy cloud-bridge/dist/cloud-bridge.jar to $CATALINA_HOME/webapps/bridge/WEB-INF/lib
- copy all .jar files from cloud-bridge/lib directory to $CATALINA_HOME/webapps/bridge/WEB-INF/lib
- copy all .jar files from cloud-bridge/rampartlib directory to $CATALINA_HOME/webapps/bridge/WEB-INF/lib
<del>- copy all files from cloud-bridge/conf directory to $CATALINA_HOME/webapps/bridge/WEB-INF/conf</del>
- copy cloud-bridge/resource/Axis2/axis2.xml to $CATALINA_HOME/webapps/bridge/WEB-INF/conf
- copy cloud-bridge/web/web.xml to $CATALINA_HOME/webapps/bridge/WEB-INF
- copy cloud-bridge/resource/AmazonEC2/crypto.properties and xes.keystore to $CATALINA_HOME/webapps/bridge/WEB-INF/classes/
- remove $CATALINA_HOME/webapps/bridge/WEB-INF/lib/dom4j-1.6.1.jar
ant deploydb - execute cloud-bridge/db/mysql/deploy-db-bridge.sh (for Unix). If it's a windows deployment, execute db/mysql/init_db.bat script
5) Configure ec2-service.properties (see parameters descriptions in resource/AmazonEC2/docs/EC2-implementation-guide.html).
6) To run application execute "./catalina.sh run" from $CATALINA_HOME/bin directory.
</BODY>
</HTML>
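Review bot: The prerequisites in section 1 point at a third-party mirror over plain http ("http://apache.imghat.com//ws/axis2/1_5/axis2-1.5-bin.zip") with no checksum or signature to verify, and the archive name says 1.5 while the same line says axis2 1.5.1. Section 2 clones from a personal account ("git@github.com:alena11081/cloud-bridge.git"). Replacement build docs should name the project's own repository, an official download location and a verification step for the archive. Smaller points: the environment block lists ANT_HOME and CATALINA_HOME but exports ANT_HOME and JAVA_HOME, and the numbered steps jump from 3) to 5).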


@ -1,275 +0,0 @@
<HTML>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<HEAD>
<TITLE>Cloud.com's EC2 API User's Guide</TITLE>
</HEAD>
<BODY>
<H1>Cloud.com's EC2 API User's Guide</H1>
4/17/2010
<H2>Table of Contents</H2>
<UL>
<LI><A href="#part1">Part 1. Cloud.com's Specific Implementation Details</A></LI>
<UL>
<LI><A href="#registration">1. User Registration</A></LI>
<UL>
<LI><A href="#cloudkeys">1.1 Setting Cloud.com API Keys</A></LI>
<LI><A href="#certifiates">1.2 Setting a User's X509 Certificate</A></LI>
</UL>
<LI><A href="#endpoints">2. Endpoints</LI>
<LI><A href="#differences">3. Differences between Amazon's and Cloud.com's EC2 Implementations</A></LI>
<LI><A href="#misc">4. Miscellaneous</A><P></LI>
</UL>
<LI><A href="#part2">Part 2. Generic EC2 Details</A></LI>
<UL>
<LI><A href="#functions">List of EC2 Functions Implemented</A></LI>
<LI><A href="#wsdl">Supported WSDL Version</A><P></LI>
</UL>
<LI><A href="#refs">References</A></LI>
</UL>
<P></BR>
<H2 id="part1">Part 1. Cloud.com's Specific Implementation Details</H2>
<H3 id="registration">1. User Registration</H3>
To access Cloud.com's EC2 service via REST follow the instructions in Section 1.1.
To access Cloud.com's EC2 service via SOAP follow instructions in both Section 1.1 and 1.2 below.
<P>
<H3 id="cloudkeys">1.1 Setting Cloud.com API Keys</H3>
The EC2 service needs to be given the user's Cloud.com API access and secret keys <A href="#ref2">[2]</A> so that it
can make Cloud.com API calls on the user's behalf. This is done by the following REST command.
<pre>
http://&lt;fqdn-or-ip>:&lt;port>/bridge/rest/AmazonEC2?Action=SetUserKeys&accesskey=&lt;key>&secretkey=&lt;key>
</pre>
SetUserKeys is an <I>unauthorized</I> REST call.</br>
A HTTP 200 result code is returned on success and a 401 on failure.
<P>
<H3 id="certifiates">1.2 Setting a User's X509 Certificate</H3>
EC2 uses WS-Security <A href="#ref4">[4]</A> for authentication on SOAP access. WS-Security signs the entire SOAP request
using a public/private key pair. The user of Cloud.com's EC2 service must
generate a public/private key pair with the public key defined in an X509
certificate. The private key is used by a SOAP client in generating
the WS-Security signature of a SOAP request. The matching public key is stored on
a server and is used to verify the signature on each request.
<P>
The following REST command must be used by a Cloud.com's EC2 service user to
load their certificate into the service. No access via the SOAP API is
possible until this step is performed. Also for this REST command to be
successful the instructions in Section 1.1 must be performed first.
<pre>
http://&lt;fqdn-or-ip>:&lt;port>/bridge/rest/AmazonEC2?Action=SetCertificate&AWSAccessKeyId=&lt;Cloud.com API AccessKey>&cert=&lt;pem encoded cert>
</pre>
SetCertificate is an <I>authenticated</I> REST call using the same authentication scheme as all other EC2 REST calls.
This means that the following standard EC2 REST paramters must also be part of the request: Signature, SignatureMethod, Version,
SignatureVersion, and Expires <A href="#ref3">[3]</A>.</br>
A HTTP 200 result code is returned on success and a 404 on failure.
<P>
An example of a PEM encoded X509 Certificate is <A href="#ref5">[5]</A>:
<pre>
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
</pre>
<P>
To remove a previously loaded certificate the user can simply execute
the following REST command.
<pre>
http://&lt;fqdn-or-ip>:&lt;port>/bridge/rest/AmazonEC2?Action=DeleteCertificate&AWSAccessKeyId=&lt;Cloud.com API AccessKey>
where the same value for the 'AWSAccessKeyId' parameter as was used in a previous call to SetCertificate.
</pre>
DeleteCertificate is an <I>authenticated</I> REST call using the same authentication scheme (and having all the same
required parameters) as all other EC2 REST calls.</br>
A HTTP 200 result code is returned on success and a 404 on failure.
<P>
<H3 id="endpoints">2. Endpoints</H3>
For SOAP access the endpoint is:
<pre>http://&lt;fqdn-or-ip>:&lt;port>/bridge/services/AmazonEC2</pre>
For REST access the endpoint is:
<pre>http://&lt;fqdn-or-ip>:&lt;port>/bridge/rest/AmazonEC2</pre>
<P>
<H3 id="differences">3. Differences between Amazon's and Cloud.com's EC2 Implementations</H3>
<font size=+1><I>EC2's RegisterImage Function</I></font>
<P>
This function maps to the Cloud.com's API "registerTemplate" function <A href="#ref2">[2]</A>. However the registerTemplate function
requires the following additional parameters that are not present in the RegisterImage function:
<pre>
format - the format for the template. Possible values include QCOW2, RAW, and VHD.</br>
osTypeId - the ID of the OS Type that best represents the OS of this template.</br>
zoneId - the ID of the zone the template is to be hosted on.</br>
</pre>
These parameters must be provided for a successful registerTemplate call and thus a RegsiterImage call.
To accomidate these values we have redefined the "architecture" parameter defined for RegisterImage.
The Amazon defined valid values are: "i386 | x86_64" and it is of type xsd:string. Neither of these
defined values has any meaning in the context of the Cloud.com API.
The new definition of the architecture field is a three part value of the form:
"&lt;format>:&lt;zoneName>:&lt;osTypeName>", where ":" is the field delimitor. A valid example
would be: "VHD:ZONE1:Centos 4.5". Cloud.com's EC2 code translates the "zoneName" value into a valid zoneId,
and the "osTypeName" value into a matching osTypeId. In addition, whereas the architecture field
is optional in Amazon's definition of RegisterImage, it is required in Cloud.com's modified version.
<P>
Another difference for the RegisterImage function concerns the use of the "imageLocation" parameter.
As defined by Amazon <A href="#ref3">[3]</A>:
<pre>
imageLocation - a full path to your AMI manifest in Amazon S3 storage.
</pre>
As defined for Cloud.com's EC2 implementation:
<pre>
imageLocation - is a URL of where the template is hosted. Possible URL include http:// and https://
</pre>
<P>
<font size=+1><I>EC2's DescribeInstances Function</I></font>
<P>
Only the following list of filters are currently supported:
<pre>
availability-zone
hypervisor
image-id
instance-id
instance-type
instance-state-code
instance-state-name
ip-address
owner-id
root-device-name
</pre>
<P>
<font size=+1><I>EC2's DescribeVolumes Function</I></font>
<P>
Only the following list of filters are currently supported:
<pre>
attachment.attach-time
attachment.device
attachment.instance-id
availability-zone
create-time
size
snapshot-id
status
volume-id
</pre>
<P>
<font size=+1><I>EC2's DescribeSnapshots Function</I></font>
<P>
Only the following list of filters are currently supported:
<pre>
owner-alias
owner-id (here its the CloudStack API key)
snapshot-id
start-time
status
volume-id
volume-size
</pre>
<P>
<P>
<font size=+1><I>EC2's DescribeSecurityGroups Function</I></font>
<P>
Only the following list of filters are currently supported:
<pre>
description
group-id
group-name
ip-permission.cidr
ip-permission.from-port
ip-permission.to-port
ip-permission.protocol
owner-id
</pre>
<P>
<H3 id="misc">4. Miscellaneous</H3>
The EC2 service provides a Cloud.com extension to obtain the release version of the EC2 software.
<pre>
http://&lt;fqdn-or-ip>:&lt;port>/bridge/rest/AmazonEC2?Action=CloudEC2Version
</pre>
CloudEC2Version is an <I>unauthorized</I> REST call.</br>
An example of a valid response from this function is:
<pre>
&lt;CloudEC2Version>1.01&lt;/CloudEC2Version>
</pre>
<P></BR>
<H2 id="part2">Part 2. Generic EC2 Details</H2>
<H3 id="functions">List of EC2 Functions Implemented</H3>
Refer to the Amazon EC2 documentation <A href="#ref3">[3]</A> for a description of each function.
Also see Part1, section 3 above, for differences between Amazon's and Cloud.com's EC2 implementations.
<pre>
AllocateAddress
AssociateAddress
AttachVolume
AuthorizeSecurityGroupIngress
CreateImage
CreateSecurityGroup
CreateSnapshot
CreateVolume
DeleteSecurityGroup
DeleteSnapshot
DeleteVolume
DeregisterImage
DescribeAvailabilityZones
DescribeImageAttribute
DescribeImages
DescribeInstanceAttribute
DescribeInstances
DescribeSecurityGroups
DescribeSnapshots
DescribeVolumes
DetachVolume
DisassociateAddress
ModifyImageAttribute
RebootInstances
ReleaseAddress
RegisterImage
RevokeSecurityGroupIngress
ResetImageAttribute
RunInstances
StartInstances
StopInstances
TerminateInstances
</pre>
<P>
<H3 id="wsdl">Supported WSDL Version</H3>
<A href="http://ec2.amazonaws.com/doc/2010-08-31/">http://ec2.amazonaws.com/doc/2010-08-31/</A></BR>
Amazon EC2 Command Line Tool used for testing was version 1.3-57419.
<P>
</BR>
<H2 id="refs">References</H2>
<OL>
<LI id="ref1"><A href="http://en.wikipedia.org/wiki/Public_Key_Cryptography">Public-key cryptograph</A></LI>
<LI id="ref2"><A href="http://cloud.com/community/kb">Cloud.com's Developer API</A></LI>
<LI id="ref3"><A href="http://aws.amazon.com/documentation/ec2/">Amazon's EC2 API</A></LI>
<LI id="ref4"><A href="http://en.wikipedia.org/wiki/WS-Security">WS-Security</A></LI>
<LI id="ref5"><A href="http://en.wikipedia.org/wiki/X.509">X.509 Certificates</A></LI>
</OL>
</BODY>
</HTML>
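Review bot: Section 1.1 documents SetUserKeys as an unauthorized call that takes "accesskey" and "secretkey" as query parameters, and every endpoint in sections 1 and 2 is written as http://, so the user's secret key travels in clear text and is recorded wherever request URLs are logged. The replacement guide should state the transport expected for this call (https) and what the service validates before storing the pair; the text only says that a 401 is returned on failure. The failure codes also differ without explanation: SetUserKeys returns 401, while the authenticated SetCertificate and DeleteCertificate calls return 404 on failure, which should be confirmed before it is copied. Minor: "RegsiterImage" and "accomidate" are misspelled in section 3, reference [1] is never cited, and the sentence starting "where the same value" sits inside the <pre> block of the DeleteCertificate example.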


@ -1,21 +0,0 @@
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-----------------------------------------------------------
To generate the Java AXIS2 classes from the Amazon EC2 wsdl use the following command line:
C:\axis2-1.5.1\bin>wsdl2java.bat -ss -sd -ssi -g -p com.amazon.ec2 -ns2p "http://ec2.amazonaws.com/doc/2010-08-31/"=com.amazon.ec2 -uri ec2.wsdl
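Review bot: The command is recorded only in its Windows form ("C:\axis2-1.5.1\bin>wsdl2java.bat ..."), and it is the only place visible here that states the flags and the -ns2p namespace-to-package mapping used for the com.amazon.ec2 classes. If those generated classes stay in the tree, keep the command in the new docs, with a Unix equivalent, so they can be regenerated against the 2010-08-31 WSDL.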


@ -1,120 +0,0 @@
<HTML>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<HEAD>
<TITLE>Cloud.com's S3 API User's Guide</TITLE>
</HEAD>
<BODY>
<H1>Cloud.com's S3 API User's Guide</H1>
3/4/2011
<H2>Table of Contents</H2>
<UL>
<LI><A href="#part1">Part 1. Cloud.com's Specific Implementation Details</A></LI>
<UL>
<LI><A href="#registration">User Registration</A></LI>
<LI><A href="#endpoints">Endpoints</LI>
</UL>
<LI><A href="#part2">Part 2. Generic S3 Details</A></LI>
<UL>
<LI><A href="#functions">List of S3 Functions Implemented</A></LI>
<LI><A href="#wsdl">Supported WSDL Version</A><P></LI>
</UL>
<LI><A href="#refs">References</A></LI>
</UL>
<P></BR>
<H2 id="part1">Part 1. Cloud.com's Specific Implementation Details</H2>
<H3 id="registration">User Registration</H3>
The S3 service uses the user's Cloud.com API access and secret keys <A href="#ref1">[1]</A> to implement both
the REST and SOAP authentication algorithms. This is done by re-using an EC2 provided REST command. Once
this URL is invoked the user has registered for both the S3 service and the EC2 REST service.
<pre>
http://&lt;fqdn-or-ip>:&lt;port>/bridge/rest/AmazonS3?Action=SetUserKeys&accesskey=&lt;key>&secretkey=&lt;key>
</pre>
SetUserKeys is an <I>unauthorized</I> REST call.</br>
A HTTP 200 result code is returned on success and a 401 on failure.
<P>
<P>
<H3 id="endpoints">Endpoints</H3>
For SOAP access the endpoint is:
<pre>http://&lt;fqdn-or-ip>:&lt;port>/bridge/services/AmazonS3</pre>
For the SOAP PutObject function with a DIME attachment <A href="#ref3">[3]</A>:
<pre>http://&lt;fqdn-or-ip>:&lt;port>/bridge/dime/AmazonS3</pre>
For REST access the endpoint is:
<pre>http://&lt;fqdn-or-ip>:&lt;port>/bridge/rest/AmazonS3</pre>
<P>
<H2 id="part2">Part 2. Generic S3 Details</H2>
<H3 id="functions">List of S3 Functions Implemented</H3>
Refer to the Amazon S3 documentation <A href="#ref2">[2]</A> for a description of each function.
Also see Part1, section 3 above, for a list of unsupported S3 features.
<pre>
REST calls:
GET Service
DELETE Bucket
GET Bucket
GET Bucket acl
GET Bucket versioning
PUT Bucket
PUT Bucket acl
PUT Bucket versioning
List Multipart Uploads
DELETE Object
GET Object
GET Object acl
HEAD Object
POST Object
PUT Object
PUT Object (Copy)
Initiate Multipart Upload
Upload Part
Complete Multipart Upload
Abort Multipart Upload
List Parts
SOAP calls:
ListAllMyBuckets
CreateBucket
DeleteBucket
ListBucket
GetBucketAccessControlPolicy
SetBucketAccessControlPolicy
PutObjectInline
PutObject
CopyObject
GetObject
GetObjectExtended
DeleteObject
GetObjectAccessControlPolicy
SetObjectAccessControlPolicy
</pre>
<P>
<H3 id="wsdl">Supported WSDL Version</H3>
<A href="http://s3.amazonaws.com/doc/2006-03-01/">http://s3.amazonaws.com/doc/2006-03-01/</A></BR>
<P>
</BR>
<H2 id="refs">References</H2>
<OL>
<LI id="ref1"><A href="http://cloud.com/community/kb">Cloud.com's Developer API</A></LI>
<LI id="ref2"><A href="http://aws.amazon.com/documentation/s3/">Amazon's S3 API</A></LI>
<LI id="ref3"><A href="http://msdn.microsoft.com/en-us/magazine/cc188797.aspx">DIME</A></LI>
</OL>
</BODY>
</HTML>
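Review bot: "Also see Part1, section 3 above, for a list of unsupported S3 features" in Part 2 points at a section this file does not have: Part 1 contains only User Registration and Endpoints. The unsupported features are therefore not documented here, and the replacement should list them explicitly instead of copying the reference. The registration text also says the call re-uses "an EC2 provided REST command" while the URL shown is /bridge/rest/AmazonS3, and it describes SetUserKeys as unauthorized with the secret key in the query string of an http:// URL; the new docs should say which endpoint is correct and show https.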


@ -1,29 +0,0 @@
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-----------------------------------------------------------
Example of headers for a rest call of copyObject
Authorization: AWS Mark:djdjdjdjdjdjdjdj\n
Host: Henry2.s3.amazonaws.com\n
x-amz-copy-source: /Henry1/test1\n
x-amz-metadata-directive: REPLACE\n
x-amz-meta-hight: 55 feet\n
x-amz-meta-width: 13 yards\n
x-amz-meta-weight: 4 tons\n
x-amz-acl: public-read\n
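Review bot: The sample request ends with "x-amz-acl: public-read", so a reader who copies these headers makes the copied object readable by anyone. If the example is kept in the new docs, drop the ACL header or use a private ACL and present public-read as an explicit choice. "x-amz-meta-hight" is presumably a typo for height, and the literal "\n" at the end of each header line should be explained or removed, since it is unclear whether it belongs to the value.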

View File

@ -1,66 +0,0 @@
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-----------------------------------------------------------
To generate the Java AXIS2 classes from the Amazon EC2 wsdl use the following command line, assuming source definitions in the local directory:
$ wsdl2java.sh -ss -sd -ssi -g -p com.amazon.s3 -ns2p "http://s3.amazonaws.com/doc/2006-03-01/"=com.amazon.s3 -uri cloud-AmazonS3.wsdl
This runs the wsdl2java code generation tool to produce stubs with asynchronous invocation methods, such as those useful for REST using the com.amazon.s3 package.
This creates the following java source files in the src/com/amazon/s3 subdirectory …
AccessControlList.java ListAllMyBucketsResponse.java
AccessControlPolicy.java ListAllMyBucketsResult.java
AmazonCustomerByEmail.java ListBucket.java
AmazonS3CallbackHandler.java ListBucketResponse.java
AmazonS3MessageReceiverInOut.java ListBucketResult.java
AmazonS3Skeleton.java ListEntry.java
AmazonS3SkeletonInterface.java ListVersionsResponse.java
AmazonS3Stub.java ListVersionsResult.java
BucketLoggingStatus.java ListVersionsResultChoice_type0.java
CanonicalUser.java LocationConstraint.java
CopyObject.java LoggingSettings.java
CopyObjectResponse.java MetadataDirective.java
CopyObjectResult.java MetadataEntry.java
CreateBucket.java MfaDeleteStatus.java
CreateBucketConfiguration.java NotificationConfiguration.java
CreateBucketResponse.java Payer.java
CreateBucketResult.java Permission.java
DeleteBucket.java PostResponse.java
DeleteBucketResponse.java PrefixEntry.java
DeleteMarkerEntry.java PutObject.java
DeleteObject.java PutObjectInline.java
DeleteObjectResponse.java PutObjectInlineResponse.java
ExtensionMapper.java PutObjectResponse.java
GetBucketAccessControlPolicy.java PutObjectResult.java
GetBucketAccessControlPolicyResponse.java RequestPaymentConfiguration.java
GetBucketLoggingStatus.java Result.java
GetBucketLoggingStatusResponse.java SetBucketAccessControlPolicy.java
GetObject.java SetBucketAccessControlPolicyResponse.java
GetObjectAccessControlPolicy.java SetBucketLoggingStatus.java
GetObjectAccessControlPolicyResponse.java SetBucketLoggingStatusResponse.java
GetObjectExtended.java SetObjectAccessControlPolicy.java
GetObjectExtendedResponse.java SetObjectAccessControlPolicyResponse.java
GetObjectResponse.java Status.java
GetObjectResult.java StorageClass.java
Grant.java TopicConfiguration.java
Grantee.java User.java
Group.java VersionEntry.java
ListAllMyBuckets.java VersioningConfiguration.java
ListAllMyBucketsEntry.java VersioningStatus.java
ListAllMyBucketsList.java

View File

@ -0,0 +1,64 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="aws-ec2-configuration">
<title>Enabling the AWS API compatible Interface</title>
<para>
To enable the EC2 compatible service you need to set the configuration variable <emphasis>enable.ec2.api</emphasis>to true. This can be done via the &PRODUCT; GUI by going in <emphasis>Global Settings</emphasis> or via the API.
</para>
<para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/ec2-s3-configuration.png"/>
</imageobject>
<textobject>
<phrase>Use the GUI to set the configuration variable to <emphasis>true</emphasis></phrase>
</textobject>
</mediaobject>
</para>
<para>
The easiest is to use the so-called integration port on which you can make unauthenticated calls. In Global Settings set the port to 8096 and subsequently call the <emphasis>updateConfiguration</emphasis> method. The following url shows you how:
</para>
<para>
<programlisting>
http://localhost:8096/client/api?command=updateConfiguration&amp;name=enable.ec2.api&amp;value=true
</programlisting>
</para>
<para>
Once you have updated <emphasis>enable.ec2.api</emphasis>to true, restart the server.
</para>
<para>
You will also need to define compute service offerings with names compatible with the <ulink url="http://aws.amazon.com/ec2/instance-types/">Amazon EC2 instance types</ulink> API names (e.g m1.small,m1.large). This is easiest done via the &PRODUCT; GUI. Go under <emphasis>Service Offerings</emphasis> select <emphasis>Compute offering</emphasis> and either create a new compute offering or modify an existing one, ensuring that the name matches an EC2 instance type API name. The snapshot below shows you how:
</para>
<para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/compute-service-offerings.png"/>
</imageobject>
<textobject>
<phrase>Use the GUI to set the name of a compute service offering to an EC2 instance type API name.</phrase>
</textobject>
</mediaobject>
</para>
</section>
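
Review bot: The paragraph that recommends the integration port ("on which you can make unauthenticated calls") needs a warning next to it. Once the port is set to 8096, anyone who can reach it can call updateConfiguration, or any other command the port accepts, without credentials. State that the port has to be restricted to localhost or a management network and disabled again after enable.ec2.api is changed, or lead with the GUI and the authenticated API and present the integration port as a fallback. Minor: both occurrences of "<emphasis>enable.ec2.api</emphasis>to true" lack a space after the closing tag, and "(e.g m1.small,m1.large)" should read "(e.g. m1.small, m1.large)".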

View File

@ -0,0 +1,47 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="aws-ec2-introduction">
<title>Amazon Web Services EC2 Compatible Interface</title>
<para>&PRODUCT; can translate Amazon Web Services (AWS) API calls to native &PRODUCT; API calls so that users can continue using existing AWS-compatible tools. This translation service runs as a separate web application in the same tomcat server as the management server of &PRODUCT;, listening on the same port. This Amazon EC2-compatible API is accessible through a SOAP web service as well as the REST query interface.</para>
<warning>
<para>Expect the SOAP service to be deprecated in new releases in favor of the REST interface.</para>
</warning>
<note>
<para>This service was previously enabled by a separate software called CloudBridge, it is now fully integrated with the &PRODUCT; management server.
</para>
</note>
<para>Limitations</para>
<itemizedlist>
<listitem>
<para>Supported only in zones that use basic networking.</para>
</listitem>
<listitem>
<para>Available in fresh installations of &PRODUCT;. Not available through upgrade of previous versions.</para>
</listitem>
<listitem>
<para>If you need to support features such as elastic IP, set up a Citrix NetScaler to provide this service. The commands such as ec2-associate-address will not work without EIP setup. Users running VMs in this zone will be using the NetScaler-enabled network offering (DefaultSharedNetscalerEIP and ELBNetworkOffering).</para>
</listitem>
</itemizedlist>
</section>
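
Review bot: "<para>Limitations</para>" ahead of the <itemizedlist> is acting as a heading but will render as ordinary body text; move it into the list as <title>Limitations</title> or give the list its own <section>. In the <note>, "a separate software called CloudBridge, it is now fully integrated" is a comma splice and should be two sentences. "tomcat" in the first paragraph should be capitalised.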

View File

@ -0,0 +1,30 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="aws-ec2-requirements">
<title>System Requirements</title>
<para>This interface complies with Amazon's WDSL version dated November 15, 2010, available at http://ec2.amazonaws.com/doc/2010-11-15/. The EC2 command line utilities compatible with it are <emphasis>EC2 tools v. 1.3.6230</emphasis>that can be downloaded at <ulink url="http://s3.amazonaws.com/ec2-downloads/ec2-api-tools-1.3-62308.zip">http://s3.amazonaws.com/ec2-downloads/ec2-api-tools-1.3-62308.zip</ulink>
</para>
<note>Effort is underway to provide support for a newer API</note>
</section>
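
Review bot: The tools version named in the <emphasis> ("EC2 tools v. 1.3.6230") does not match the archive the same sentence links to (ec2-api-tools-1.3-62308.zip); make the text and the URL agree. In the same paragraph "WDSL" should be "WSDL", there is no space between "</emphasis>" and "that", and the WSDL URL is plain text while the download URL is a <ulink>. The <note> holds bare text; wrap it in <para> as the notes in the other files of this commit do.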

View File

@ -0,0 +1,407 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="aws-ec2-supported-commands">
<title>Supported AWS API Calls</title>
<para>
The following Amazon EC2 commands are supported by &PRODUCT; when the AWS API compatibility feature is enabled. For a few commands, there are differences between the &PRODUCT; and Amazon EC2 versions, and these differences are noted. The underlying SOAP call for each command is also given, for those who have built tools using those calls.
</para>
<para>Elastic IP Addresses</para>
<table frame='all'>
<title>Elastic IP API mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-allocate-address</entry>
<entry>AllocateAddress</entry>
<entry>associateIpAddress</entry>
</row>
<row>
<entry>ec2-associate-address</entry>
<entry>AssociateAddress</entry>
<entry>enableStaticNat</entry>
</row>
<row>
<entry>ec2-describe-addresses</entry>
<entry>DescribeAddresses</entry>
<entry>listPublicIpAddresses</entry>
</row>
<row>
<entry>ec2-diassociate-address</entry>
<entry>DisassociateAddress</entry>
<entry>disableStaticNat</entry>
</row>
<row>
<entry>ec2-release-address</entry>
<entry>ReleaseAddress</entry>
<entry>disassociateIpAddress</entry>
</row>
</tbody>
</tgroup>
</table>
<para>Availability Zones</para>
<table frame='all'>
<title>Availability Zone API mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-describe-availability-zones</entry>
<entry>DescribeAvailabilityZones</entry>
<entry>listZones</entry>
</row>
</tbody>
</tgroup>
</table>
<para>Images</para>
<table frame='all'>
<title>Images API mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-create-image</entry>
<entry>CreateImage</entry>
<entry>createTemplate</entry>
</row>
<row>
<entry>ec2-deregister</entry>
<entry>DeregisterImage</entry>
<entry>DeleteTemplate</entry>
</row>
<row>
<entry>ec2-describe-images</entry>
<entry>DescribeImages</entry>
<entry>listTemplates</entry>
</row>
<row>
<entry>ec2-register</entry>
<entry>RegisterImage</entry>
<entry>registerTemplate</entry>
</row>
</tbody>
</tgroup>
</table>
<para>Image Attributes</para>
<table frame='all'>
<title>Image Attributes API mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-describe-image-attribute</entry>
<entry>DescribeImageAttribute</entry>
<entry>listTemplatePermissions</entry>
</row>
<row>
<entry>ec2-modify-image-attribute</entry>
<entry>ModifyImageAttribute</entry>
<entry>updateTemplatePermissions</entry>
</row>
<row>
<entry>ec2-reset-image-attribute</entry>
<entry>ResetImageAttribute</entry>
<entry>updateTemplatePermissions</entry>
</row>
</tbody>
</tgroup>
</table>
<para>Instances</para>
<table frame='all'>
<title>Instances API mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-describe-instances</entry>
<entry>DescribeInstances</entry>
<entry>listVirtualMachines</entry>
</row>
<row>
<entry>ec2-run-instances</entry>
<entry>RunInstances</entry>
<entry>deployVirtualMachine</entry>
</row>
<row>
<entry>ec2-reboot-instances</entry>
<entry>RebootInstances</entry>
<entry>rebootVirtualMachine</entry>
</row>
<row>
<entry>ec2-start-instances</entry>
<entry>StartInstances</entry>
<entry>startVirtualMachine</entry>
</row>
<row>
<entry>ec2-stop-instances</entry>
<entry>StopInstances</entry>
<entry>stopVirtualMachine</entry>
</row>
<row>
<entry>ec2-terminate-instances</entry>
<entry>TerminateInstances</entry>
<entry>destroyVirtualMachine</entry>
</row>
</tbody>
</tgroup>
</table>
<para>Instance Attributes</para>
<table frame='all'>
<title>Instance Attributes Mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-describe-instance-attribute</entry>
<entry>DescribeInstanceAttribute</entry>
<entry>listVirtualMachines</entry>
</row>
</tbody>
</tgroup>
</table>
<para>Key Pairs</para>
<table frame='all'>
<title>Keys Pairs Mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-add-keypair</entry>
<entry>CreateKeyPair</entry>
<entry>createSSHKeyPair</entry>
</row>
<row>
<entry>ec2-delete-keypair</entry>
<entry>DeleteKeyPair</entry>
<entry>deleteSSHKeyPair</entry>
</row>
<row>
<entry>ec2-describe-keypairs</entry>
<entry>DescribeKeyPairs</entry>
<entry>listSSHKeyPairs</entry>
</row>
<row>
<entry>ec2-import-keypair</entry>
<entry>ImportKeyPair</entry>
<entry>registerSSHKeyPair</entry>
</row>
</tbody>
</tgroup>
</table>
<para>Passwords</para>
<table frame='all'>
<title>Passwords API Mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-get-password</entry>
<entry>GetPasswordData</entry>
<entry>getVMPassword</entry>
</row>
</tbody>
</tgroup>
</table>
<para>Security Groups</para>
<table frame='all'>
<title>Security Groups API Mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-authorize</entry>
<entry>AuthorizeSecurityGroupIngress</entry>
<entry>authorizeSecurityGroupIngress</entry>
</row>
<row>
<entry>ec2-add-group</entry>
<entry>CreateSecurityGroup</entry>
<entry>createSecurityGroup</entry>
</row>
<row>
<entry>ec2-delete-group</entry>
<entry>DeleteSecurityGroup</entry>
<entry>deleteSecurityGroup</entry>
</row>
<row>
<entry>ec2-describe-group</entry>
<entry>DescribeSecurityGroups</entry>
<entry>listSecurityGroups</entry>
</row>
<row>
<entry>ec2-revoke</entry>
<entry>RevokeSecurityGroupIngress</entry>
<entry>revokeSecurityGroupIngress</entry>
</row>
</tbody>
</tgroup>
</table>
<para>Snapshots</para>
<table frame='all'>
<title>Snapshots API Mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-create-snapshot</entry>
<entry>CreateSnapshot</entry>
<entry>createSnapshot</entry>
</row>
<row>
<entry>ec2-delete-snapshot</entry>
<entry>DeleteSnapshot</entry>
<entry>deleteSnapshot</entry>
</row>
<row>
<entry>ec2-describe-snapshots</entry>
<entry>DescribeSnapshots</entry>
<entry>listSnapshots</entry>
</row>
</tbody>
</tgroup>
</table>
<para>Volumes</para>
<table frame='all'>
<title>Volumes API Mapping</title>
<tgroup cols='3' align='left' colsep='1' rowsep='1'>
<!--<colspec colname='c1'tcolwidth="1*"/>
<colspec colname='c2'tcolwidth="1*"/>-->
<thead>
<row>
<entry>EC2 command</entry>
<entry>SOAP all</entry>
<entry>&PRODUCT; API call</entry>
</row>
</thead>
<tbody>
<row>
<entry>ec2-attach-volume</entry>
<entry>AttachVolume</entry>
<entry>attachVolume</entry>
</row>
<row>
<entry>ec2-create-volume</entry>
<entry>CreateVolume</entry>
<entry>createVolume</entry>
</row>
<row>
<entry>ec2-delete-volume</entry>
<entry>DeleteVolume</entry>
<entry>deleteVolume</entry>
</row>
<row>
<entry>ec2-describe-volume</entry>
<entry>DescribeVolume</entry>
<entry>listVolumes</entry>
</row>
<row>
<entry>ec2-detach-volume</entry>
<entry>DetachVolume</entry>
<entry>detachVolume</entry>
</row>
</tbody>
</tgroup>
</table>
</section>
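
Review bot: The middle column header reads "<entry>SOAP all</entry>" in all eleven tables, while the opening paragraph calls it the "underlying SOAP call", so it should be "SOAP call" throughout. In the Elastic IP table "ec2-diassociate-address" is misspelled against its own SOAP name DisassociateAddress, and in the Images table "DeleteTemplate" is capitalised unlike every other &PRODUCT; API call listed. The Volumes row "ec2-describe-volume" / "DescribeVolume" is singular where the Snapshots and Key Pairs rows are plural; please check it against the tool. The opening paragraph says differences from Amazon EC2 "are noted", but no table carries a note. The commented-out <colspec> lines (with "tcolwidth") are repeated in every table and can be dropped, and the table titles mix "API mapping", "API Mapping" and "Mapping" ("Keys Pairs Mapping" should be "Key Pairs").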

View File

@ -0,0 +1,91 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="aws-ec2-user-setup">
<title>User configuration</title>
<para>
Users of the Amazon EC2 compatible interface will be able to keep their existing EC2 tools and scripts and use them with their &PRODUCT; deployment, by specifyingi the endpoint of the managment server and using the proper user credentials.In order to do this, each user must perform the following configuration steps:
</para>
<para>
<itemizedlist>
<listitem>
<para>Generate user credentials.</para>
</listitem>
<listitem>
<para>Register with the service.</para>
</listitem>
<listitem>
<para>Setup the environment variables</para>
</listitem>
</itemizedlist>
</para>
<para>
To register, a user needs to:
</para>
<orderedlist>
<listitem>
<para>
Obtain his API key and his secret key as well as the DNS name or IP address of the &PRODUCT; server. Obtaining the keys can be done by asking the &PRODUCT; administrator or by using the GUI or via the API.
</para>
</listitem>
<listitem>
<para>
Obtain a self-signed X.509 certificate. It can be generated with the following command:
</para>
<para><programlisting>$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /path/to/private_key.pem -out /path/to/cert.pem </programlisting>
</para>
</listitem>
<listitem>
<para>
Register the mapping from the X.509 certificate to the API/Secret keys. Download the following script from http://download.cloud.com/releases/3.0.3/cloudstack-aws-api-register and run it. Substitute the values you obtained from the administrator in the URL below.
</para>
<para>
<programlisting>$ cloudstack-aws-api-register --apikey=<replaceable>Users CloudPlatform API key</replaceable> --secretkey=<replaceable>Users CloudPlatform Secret key</replaceable> --cert=<replaceable>/path/to/cert.pem</replaceable> --url=http://<replaceable>&PRODUCT;.server</replaceable>:8080/awsapi</programlisting>
</para>
</listitem>
</orderedlist>
<note>
<para>
A user with an existing AWS certificate could choose to use the same certificate with &PRODUCT; but note that the public key would be uploaded to the &PRODUCT; management server database.
</para>
</note>
<para>
To use the EC2 command line tools, setup the environment variable in a similar fashion than with Amazon EC2 service. Specifically, in bash shell:
<programlisting>
$ export EC2_CERT=/path/to/cert.pem
$ export EC2_PRIVATE_KEY=/path/to/private_key.pem
$ export EC2_URL=http://<replaceable>&PRODUCT;.server</replaceable>:8080/awsapi
$ export EC2_HOME=/path/to/EC2_tools_directory
</programlisting>
</para>
<note>
<para>The Amazon EC2 command-line tools have a default connection timeout. If you find that EC2 commands are not completing due to timeouts, you can pass a new timeout value as an argument with <programlisting>--connection-timeout TIMEOUT </programlisting> or <programlisting>--request-timeout TIMEOUT </programlisting>
</para>
</note>
</section>
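
Review bot: The registration step hands the secret key to the script as "--secretkey=..." together with "--url=http://...:8080/awsapi", and EC2_URL is also plain http. A key given on the command line ends up in shell history and the process list, and anything the script submits to that URL crosses the network in clear text. Please document an https endpoint where one is available and say how the key should be supplied and protected. Related points in the same list: the script is fetched from an http:// download URL with no checksum to verify it against, and "openssl req ... -nodes" writes the private key unencrypted, so the text should tell users to restrict permissions on private_key.pem. Smaller items: "specifyingi", "managment" and "credentials.In" in the first paragraph; the <replaceable> text says "CloudPlatform" where the rest of the file uses &PRODUCT;; "Substitute the values ... in the URL below" refers to a command, not a URL; "setup the environment variable in a similar fashion than" should be "set up the environment variables in the same way as"; and the two timeout options in the closing <note> sit in <programlisting> inside a <para>, where <option> would render inline.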

View File

@ -0,0 +1,32 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="aws-interface-guide">
<title>Amazon Web Service Interface Guide</title>
<xi:include href="aws-ec2-introduction.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="aws-ec2-requirements.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="aws-ec2-configuration.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="aws-ec2-user-setup.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="aws-ec2-supported-commands.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</chapter>
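
Review bot: The chapter <title> says "Amazon Web Service Interface Guide" while the included introduction uses "Amazon Web Services"; use the plural here as well. The xmlns:xi declaration is repeated on each of the five <xi:include> elements and could be declared once on <chapter>.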

View File

@ -42,5 +42,5 @@
<textobject><phrase>infrastructure_overview.png: Nested organization of a zone</phrase></textobject>
</mediaobject>
<para><emphasis role="bold">More Information</emphasis></para>
<para>For more information, see <xref linkend="cloud-infrastructure-concepts" />.</para>
<para>For more information, see documentation on cloud infrastructure concepts.</para>
</section>
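
Review bot: The <xref linkend="cloud-infrastructure-concepts" /> line is swapped for plain text ("see documentation on cloud infrastructure concepts"), which removes the link and leaves the reader nothing to follow. If the xref was failing because the target id is not part of this book, say so in the commit message and either include the target or point to it with a <ulink>; otherwise keep the xref. The change also looks unrelated to the EC2 documentation and would be easier to track in its own commit.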

View File

@ -0,0 +1,22 @@
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<!ENTITY PRODUCT "CloudStack">
<!ENTITY BOOKID "Technical Documentation">
<!ENTITY YEAR "2012">
<!ENTITY HOLDER "Apache Software Foundation">