blob: 081950d1775cb089a2a28a1665ce46a31b2f247f [file] [log] [blame]
Samuel A. Falvo II2b963212014-02-09 02:12:30 -08001/*
2The Identity package provides convenient OpenStack Identity V2 API client access.
3This package currently doesn't support the administrative access endpoints, but may appear in the future based on demand.
4
5Authentication
6
7Established convention in the OpenStack community suggests the use of environment variables to hold authentication parameters.
8For example, the following settings would be sufficient to authenticate against Rackspace:
9
10 # assumes Bash shell on a POSIX environment; use SET command for Windows.
11 export OS_AUTH_URL=https://identity.api.rackspacecloud.com/v2.0
12 export OS_USERNAME=xxxx
13 export OS_PASSWORD=yyyy
14
15while you'd need these additional settings to authenticate against, e.g., Nebula One:
16
17 export OS_TENANT_ID=zzzz
18 export OS_TENANT_NAME=wwww
19
20Be sure to consult with your provider to see which settings you'll need to authenticate with.
21
22A skeletal client gets started with Gophercloud by authenticating against his/her provider, like so:
23
24 package main
25
26 import (
27 "fmt"
28 "github.com/rackspace/gophercloud/openstack/identity"
29 "github.com/rackspace/gophercloud/openstack/utils"
30 )
31
32 func main() {
33 // Create an initialized set of authentication options based on available OS_*
34 // environment variables.
35 ao, err := utils.AuthOptions()
36 if err != nil {
37 panic(err)
38 }
39
40 // Attempt to authenticate with them.
41 r, err := identity.Authenticate(ao)
42 if err != nil {
43 panic(err)
44 }
45
46 // With each authentication, you receive a master directory of all the services
47 // your account can access. This "service catalog", as OpenStack calls it,
48 // provides you the means to exploit other OpenStack services.
49 sc, err := identity.GetServiceCatalog(r)
50 if err != nil {
51 panic(err)
52 }
53
54 // Find the desired service(s) for our application.
55 computeService, err := findService(sc, "compute", ...)
56 if err != nil {
57 panic(err)
58 }
59
60 blockStorage, err := findService(sc, "block-storage", ...)
61 if err != nil {
62 panic(err)
63 }
64
65 // ... etc ...
66 }
67
68NOTE!
69Unlike versions 0.1.x of the Gophercloud API,
700.2.0 and later will not provide a service look-up mechanism as a built-in feature of the Identity SDK binding.
71The 0.1.x behavior potentially opened its non-US users to legal liability by potentially selecting endpoints in undesirable regions
72in a non-obvious manner if a specific region was not explicitly specified.
73Starting with 0.2.0 and beyond, you'll need to use either your own service catalog query function or one in a separate package.
74This makes it plainly visible to a code auditor that if you indeed desired automatic selection of an arbitrary region,
75you made the conscious choice to use that feature.
76
77Extensions
78
79Some OpenStack deployments may support features that other deployments do not.
80Anything beyond the scope of standard OpenStack must be scoped by an "extension," a named, yet well-known, change to the API.
81Users may invoke IsExtensionAvailable() after grabbing a list of extensions from the server with GetExtensions().
82This of course assumes you know the name of the extension ahead of time.
83
84Here's a simple example of listing all the aliases for supported extensions.
85Once you have an alias to an extension, everything else about it may be queried through accessors.
86
87 package main
88
89 import (
90 "fmt"
91 "github.com/rackspace/gophercloud/openstack/identity"
92 "github.com/rackspace/gophercloud/openstack/utils"
93 )
94
95 func main() {
96 // Create an initialized set of authentication options based on available OS_*
97 // environment variables.
98 ao, err := utils.AuthOptions()
99 if err != nil {
100 panic(err)
101 }
102
103 // Attempt to query extensions.
104 exts, err := identity.GetExtensions(ao)
105 if err != nil {
106 panic(err)
107 }
108
109 // Print out a summary of supported extensions
110 aliases, err := exts.Aliases()
111 if err != nil {
112 panic(err)
113 }
114 fmt.Println("Extension Aliases:")
115 for _, alias := range aliases {
116 fmt.Printf(" %s\n", alias)
117 }
118 }
119*/
120package identity