Accessing the metadata API?
Lee Trager
lee.trager at canonical.com
Wed Feb 1 18:53:55 UTC 2017
MAAS has an internal library to help with accessing the metadata service,
provisioningserver/refresh/maas_api_helper.py. As this library is used
during commissioning its only dependencies are python3-yaml
python3-oauthlib. We store credentials on deployed nodes in
/etc/cloud/cloud.cfg.d/90_dpkg_maas.cfg
from maas_api_helper import geturl
import yaml
cfg_str = open('/etc/cloud/cloud.cfg.d/90_dpkg_maas.cfg', 'r').read()
cfg = yaml.safe_load(cfg_str)['datasource']['MAAS']
cfg['consumer_secret'] = ''
system_id = geturl("%s/latest/meta-data/instance-id" % cfg['metadata_url'],
cfg)
Hope that helps!
Lee
On Wed, Feb 1, 2017 at 10:12 AM, Scott Moser <smoser at ubuntu.com> wrote:
> On Wed, 1 Feb 2017, Jim Tilander wrote:
>
> >
> > Hi,
> >
> > Is there some up to date information on how to access the metadata API?
> >
> > This seems woefully out of date and also incorrect:
> > https://maas.ubuntu.com/docs/development/metadata.html
> > <https://maas.ubuntu.com/docs/development/metadata.html>
>
> Its actually still valid to my knowledge. That is the api of information
> available to nodes. It just hasn't needed fixing since initially
> designed.
>
> > Looking at the apache access logs, there are different paths that are
> begin accessed.
> >
> > * Is there a stable API endpoint that one can call during deployment
> scripts?
> > * Can one call the metadata API post deployment?
> > * How are the nodes supposed to authenticate? I keep getting Forbidden
> replies.
>
> A node will have credentials written into /etc/cloud/cloud.cfg.d/
>
> $ ls /etc/cloud/cloud.cfg.d/*maas*
> /etc/cloud/cloud.cfg.d/90_dpkg_maas.cfg
>
> Cloud-init reads that information and has a small 'main' included to
> demonstrate reading from it. You may find that usefull in just poking
> around. I pulled trunk cloud-init as some changes have recently gone in
> to make it more usable, but you could run it from the installed cloud-init
> as well.
>
> $ sudo cat /etc/cloud/cloud.cfg.d/90_dpkg_maas.cfg
> # written by cloud-init debian package per preseed entries
> # cloud-init/{maas-metadata-url,/maas-metadata-credentials}
> datasource:
> MAAS: {consumer_key: xxxxxxxxxxxxxxxxxx,
> metadata_url: 'http://10.0.0.1/MAAS/metadata/',
> token_key: xxxxxxxxxxxxxxxxxx,
> token_secret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
>
>
> $ git clone http://git.launchpad.net/cloud-init
> $ cd cloud-init
> $ python3 -m cloudinit.sources.DataSourceMAAS --help
> usage: DataSourceMAAS.py [-h] [--config file] [--ckey key] [--tkey key]
> [--csec secret] [--tsec secret] [--apiver
> version]
> {crawl,get,check-seed} ...
>
> Interact with MAAS DS
>
> optional arguments:
> -h, --help show this help message and exit
> --config file specify DS config file
> --ckey key the consumer key to auth with
> --tkey key the token key to auth with
> --csec secret the consumer secret (likely '')
> --tsec secret the token secret to auth with
> --apiver version the apiver to use ( can be used)
>
> subcommands:
> {crawl,get,check-seed}
> crawl crawl the datasource
> get do a single GET of provided url
> check-seed read and verify seed at url
>
> $ sudo python3 -m cloudinit.sources.DataSourceMAAS check-seed
> Used config in /etc/cloud/cloud.cfg.d/90_dpkg_maas.cfg.
> Checking seed at http://10.0.0.1/MAAS/metadata/
> === user-data ===
> N/A
> === meta-data ===
> {'instance-id': 'node-5f084de2-e92a-11e4-a5ac-00163e5b6994',
> 'local-hostname': 'myname.maas',
> 'public-keys': 'ssh-rsa AAAAB3Nza....HD smoser at host\n'}
> === vendor-data ===
> 'N/A'
>
>
> --
> Maas-devel mailing list
> Maas-devel at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/
> mailman/listinfo/maas-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/maas-devel/attachments/20170201/bd2358c7/attachment.html>
More information about the Maas-devel
mailing list