You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Vijay Venkatachalam <Vi...@citrix.com> on 2012/07/18 14:32:27 UTC
Building Management Server URL
Hi,
Is there way to programmatically build the Management Server's API URL from inside the code? I am intending to pass this to a network element, which will do API call back to the Management Server.
Currently,
I am getting the IP from "configDao.getValue(Config.ManagementHostIPAdr.key());"
Hardwiring Port to 8080
Hardwiring URI to /client/api
Result: https://<ms_ip>:8080/client/api
Is there a better way? Is there anything special that has to be done for cluster deployments?
Also, are there any other issues, will this require a NAT of some kind to reach the Management Server? Or Is there a firewall config that has to be done? Or will the management server be multi-homed with many nics with one ip per nic? Can we figure this out programmatically before sending the URL to the network element.
Thanks,
Vijay V.
RE: Building Management Server URL
Posted by Vijay Venkatachalam <Vi...@citrix.com>.
There was a better setting to use: "EndpointeUrl", which would return the API URL and it is expected to have the MS LB's ip. We are using that now.
The CS admin should make sure this setting is configured correctly and reachability for this is possible from the Network Element.
> -----Original Message-----
> From: Wido den Hollander [mailto:wido@widodh.nl]
> Sent: Thursday, July 19, 2012 5:30 PM
> To: cloudstack-dev@incubator.apache.org
> Subject: Re: Building Management Server URL
>
>
>
> On 18-07-12 19:12, Vijay Venkatachalam wrote:
> >
> > A network element like a loadbalancer running remotely from the
> > management server might want from time to time to retrieve some info
> > from CS mgmt server, or take an action on behalf of a user. so It
> > would want to use the API endpoint to interact with CS
> >
>
> I get it, but that would also imply that you have to supply user credentials to that
> network element, how would you otherwise let it authenticate with the API?
>
> Also, if you take Config.ManagementHostIPAdr.key() you get the local IP from
> that management server, but it could be a cluster with a loadbalancer in front.
>
> You better take the first IP from the global management.cidr I think.
>
> Wido
>
> >
> >> -----Original Message-----
> >> From: Wido den Hollander [mailto:wido@widodh.nl]
> >> Sent: Wednesday, July 18, 2012 7:34 PM
> >> To: cloudstack-dev@incubator.apache.org
> >> Subject: Re: Building Management Server URL
> >>
> >> Hi,
> >>
> >> On 18-07-12 14:32, Vijay Venkatachalam wrote:
> >>> Hi,
> >>> Is there way to programmatically build the Management Server's API
> >> URL from inside the code? I am intending to pass this to a network
> >> element, which will do API call back to the Management Server.
> >>>
> >>> Currently,
> >>> I am getting the IP from
> >> "configDao.getValue(Config.ManagementHostIPAdr.key());"
> >>> Hardwiring Port to 8080
> >>> Hardwiring URI to /client/api
> >>> Result: https://<ms_ip>:8080/client/api
> >>>
> >>> Is there a better way? Is there anything special that has to be
> >>> done for
> >> cluster deployments?
> >>>
> >>> Also, are there any other issues, will this require a NAT of some
> >>> kind to
> >> reach the Management Server? Or Is there a firewall config that has to be
> done?
> >> Or will the management server be multi-homed with many nics with one
> >> ip per nic? Can we figure this out programmatically before sending
> >> the URL to the network element.
> >>>
> >>
> >> Doing TCP connections back to yourself is something you should
> >> prevent at all times. How are you going to do this with the login credentials?
> >>
> >> I'm missing the point why you should do a callback to itself?
> >>
> >> Wido
> >>
> >>> Thanks,
> >>> Vijay V.
> >>>
> >>>
> >
Re: Building Management Server URL
Posted by Wido den Hollander <wi...@widodh.nl>.
On 18-07-12 19:12, Vijay Venkatachalam wrote:
>
> A network element like a loadbalancer running remotely from the management server might want from time to time to retrieve some info from CS mgmt server, or take an action on behalf of a user. so It would want to use the API endpoint to interact with CS
>
I get it, but that would also imply that you have to supply user
credentials to that network element, how would you otherwise let it
authenticate with the API?
Also, if you take Config.ManagementHostIPAdr.key() you get the local IP
from that management server, but it could be a cluster with a
loadbalancer in front.
You better take the first IP from the global management.cidr I think.
Wido
>
>> -----Original Message-----
>> From: Wido den Hollander [mailto:wido@widodh.nl]
>> Sent: Wednesday, July 18, 2012 7:34 PM
>> To: cloudstack-dev@incubator.apache.org
>> Subject: Re: Building Management Server URL
>>
>> Hi,
>>
>> On 18-07-12 14:32, Vijay Venkatachalam wrote:
>>> Hi,
>>> Is there way to programmatically build the Management Server's API
>> URL from inside the code? I am intending to pass this to a network element,
>> which will do API call back to the Management Server.
>>>
>>> Currently,
>>> I am getting the IP from
>> "configDao.getValue(Config.ManagementHostIPAdr.key());"
>>> Hardwiring Port to 8080
>>> Hardwiring URI to /client/api
>>> Result: https://<ms_ip>:8080/client/api
>>>
>>> Is there a better way? Is there anything special that has to be done for
>> cluster deployments?
>>>
>>> Also, are there any other issues, will this require a NAT of some kind to
>> reach the Management Server? Or Is there a firewall config that has to be done?
>> Or will the management server be multi-homed with many nics with one ip per
>> nic? Can we figure this out programmatically before sending the URL to the
>> network element.
>>>
>>
>> Doing TCP connections back to yourself is something you should prevent at all
>> times. How are you going to do this with the login credentials?
>>
>> I'm missing the point why you should do a callback to itself?
>>
>> Wido
>>
>>> Thanks,
>>> Vijay V.
>>>
>>>
>
RE: Building Management Server URL
Posted by Vijay Venkatachalam <Vi...@citrix.com>.
A network element like a loadbalancer running remotely from the management server might want from time to time to retrieve some info from CS mgmt server, or take an action on behalf of a user. so It would want to use the API endpoint to interact with CS
> -----Original Message-----
> From: Wido den Hollander [mailto:wido@widodh.nl]
> Sent: Wednesday, July 18, 2012 7:34 PM
> To: cloudstack-dev@incubator.apache.org
> Subject: Re: Building Management Server URL
>
> Hi,
>
> On 18-07-12 14:32, Vijay Venkatachalam wrote:
> > Hi,
> > Is there way to programmatically build the Management Server's API
> URL from inside the code? I am intending to pass this to a network element,
> which will do API call back to the Management Server.
> >
> > Currently,
> > I am getting the IP from
> "configDao.getValue(Config.ManagementHostIPAdr.key());"
> > Hardwiring Port to 8080
> > Hardwiring URI to /client/api
> > Result: https://<ms_ip>:8080/client/api
> >
> > Is there a better way? Is there anything special that has to be done for
> cluster deployments?
> >
> > Also, are there any other issues, will this require a NAT of some kind to
> reach the Management Server? Or Is there a firewall config that has to be done?
> Or will the management server be multi-homed with many nics with one ip per
> nic? Can we figure this out programmatically before sending the URL to the
> network element.
> >
>
> Doing TCP connections back to yourself is something you should prevent at all
> times. How are you going to do this with the login credentials?
>
> I'm missing the point why you should do a callback to itself?
>
> Wido
>
> > Thanks,
> > Vijay V.
> >
> >
Re: Building Management Server URL
Posted by Wido den Hollander <wi...@widodh.nl>.
Hi,
On 18-07-12 14:32, Vijay Venkatachalam wrote:
> Hi,
> Is there way to programmatically build the Management Server's API URL from inside the code? I am intending to pass this to a network element, which will do API call back to the Management Server.
>
> Currently,
> I am getting the IP from "configDao.getValue(Config.ManagementHostIPAdr.key());"
> Hardwiring Port to 8080
> Hardwiring URI to /client/api
> Result: https://<ms_ip>:8080/client/api
>
> Is there a better way? Is there anything special that has to be done for cluster deployments?
>
> Also, are there any other issues, will this require a NAT of some kind to reach the Management Server? Or Is there a firewall config that has to be done? Or will the management server be multi-homed with many nics with one ip per nic? Can we figure this out programmatically before sending the URL to the network element.
>
Doing TCP connections back to yourself is something you should prevent
at all times. How are you going to do this with the login credentials?
I'm missing the point why you should do a callback to itself?
Wido
> Thanks,
> Vijay V.
>
>