The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

rOCCI:ROCCI-cli AWS Examples

This page gives simple examples of using the OCCI gateway to Amazon Services as presented at the 2017 EGI Conference and Indigo Summit. You have probably been redirected here through a QR code.

If you like this presentation, why not vote for us in the Best poster poll.

Prerequisites

You need:

  • a VOMS proxy certificate. The following examples expect it to be located in file /tmp/x509up_u`id -u`
  • an OCCI client or at least an HTTP client
    • Examples given here use the rOCCI-cli client (available either from the EGI AppDB or from GitHub).
    • A simple HTTPS client such as curl may also be used for rudimentary management.
  • an SSH key pair (in case you really wish to log into your virtual machines). The following examples expect your public key to be located in ~/.ssh/id_rsa.pub

Examples

Listing Available Images

Note that the full list of images available from EC2 is extremely long. The EC2 backend for rOCCI-server supports filtering so that VO admins may limit the list of images that are displayed to their users.

occi --endpoint https://awsocci.cesnet.cz:11443/ --auth x509 --user-cred /tmp/x509up_u`id -u` --voms --action list --resource os_tpl

Or

curl --cert /tmp/x509up_u`id -u` --key /tmp/x509up_u`id -u` -H 'Content-Type: text/occi' -X GET https://awsocci.cesnet.cz:11443/-/ | \
grep 'occi/infrastructure#os_tpl'

Listing Available Resource Sizes

occi --endpoint https://awsocci.cesnet.cz:11443/ --auth x509 --user-cred /tmp/x509up_u`id -u` --voms --action list --resource resource_tpl

Or

curl --cert /tmp/x509up_u`id -u` --key /tmp/x509up_u`id -u` -H 'Content-Type: text/occi' -X GET https://awsocci.cesnet.cz:11443/-/ | \
grep 'occi/infrastructure#resource_tpl'

Listing Available Networks

AWS EC2 does not attach your VM to a default network (VPC). You must choose one every time.

occi --endpoint https://awsocci.cesnet.cz:11443/ --auth x509 --user-cred /tmp/x509up_u`id -u` --voms --action list --resource network

Or

curl --cert /tmp/x509up_u`id -u` --key /tmp/x509up_u`id -u` -H 'Content-Type: text/occi' -X GET https://awsocci.cesnet.cz:11443/network/

Creating a Virtual Machine

EC2 supports cloud-init but does not support simple setting of SSH keys. Therefore we need to go through the --user-data option and a cloud-init file.

printf '#cloud-config\nusers:\n  - name: ubuntu\n    ssh-authorized-keys:\n      - %s\n' "$(cat ~/.ssh/id_rsa.pub)" > "/tmp/VMby${USER}.conf"
VMID=$(occi --endpoint https://awsocci.cesnet.cz:11443/ --auth x509 --user-cred /tmp/x509up_u`id -u` --voms --action create --resource compute \
--mixin os_tpl#ami-971238f1 --mixin resource_tpl#t2_micro --attribute occi.core.title="VMby${USER}" \
--context user_data="file:///tmp/VMby${USER}.conf" --link /network/vpc-e2e4f686)

Or

printf '#cloud-config\nusers:\n  - name: ubuntu\n    ssh-authorized-keys:\n      - %s\n' "$(cat ~/.ssh/id_rsa.pub)" > "/tmp/VMby${USER}.conf"
VMUUID=`uuidgen`
LNKUUID=`uuidgen`
VMID=$(cat << EOF | curl --cert /tmp/x509up_u`id -u` --key /tmp/x509up_u`id -u` -H 'Content-Type: text/plain' --data-binary @- -X POST https://awsocci.cesnet.cz:11443/compute/ | awk '{print $2}'
Category: compute; scheme="http://schemas.ogf.org/occi/infrastructure#"; class="kind"
Category: t2_micro;scheme="http://schemas.ec2.aws.amazon.com/occi/infrastructure/resource_tpl#";class="mixin"
Category: ami-971238f1;scheme="http://occi.awsocci.cesnet.cz/occi/infrastructure/os_tpl#";class="mixin"
Category: user_data;scheme="http://schemas.openstack.org/compute/instance#";class="mixin";location="/mixin/user_data/";title="OS contextualization mixin"
X-OCCI-Attribute: occi.core.id="${VMUUID}"
X-OCCI-Attribute: occi.core.title="VMby${USER}"
X-OCCI-Attribute: occi.compute.hostname="VMby${USER}"
X-OCCI-Attribute: org.openstack.compute.user_data="`base64 -w 0 /tmp/VMby${USER}.conf`"
Link: </network/vpc-e2e4f686>;rel="http://schemas.ogf.org/occi/infrastructure#network";self="/link/networkinterface/${LNKUUID}";category="http://schemas.ogf.org/occi/infrastructure#networkinterface";occi.core.id="${LNKUUID}";occi.core.target="/network/vpc-e2e4f686";occi.core.source="/compute/${VMUUID}"
EOF
)
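
An added example, not part of the original wiki page: the user-data file above is written to a predictable path under /tmp, so on a shared login host its content cannot be trusted to be what you wrote by the time occi reads it. The sketch below writes the same cloud-config to a mktemp file after validating the public key, and checks that a credential file is private. The function names make_user_data and private_file are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original page; function names are hypothetical.

# private_file PATH: succeed only if PATH is a regular file (not a symlink)
# owned by the caller with mode 0600 or 0400, as a proxy credential should be.
private_file() {
    [ -n "$(find "$1" -prune -type f -user "$(id -u)" \
        \( -perm 600 -o -perm 400 \) 2>/dev/null)" ]
}

# make_user_data PUBKEY_FILE: write the page's #cloud-config document to a
# fresh mktemp file (unpredictable name, mode 0600) and print its path.
# The body is a subshell, so umask and variables do not leak to the caller.
make_user_data() (
    pubkey_file=$1
    umask 077
    # Exactly one line is allowed; a private key or key bundle has several.
    [ "$(grep -c '' "$pubkey_file" 2>/dev/null)" = 1 ] ||
        { echo "expected a single key line in $pubkey_file" >&2; exit 1; }
    # Key type, base64 blob, optional plain comment. Rejecting other
    # characters keeps YAML metacharacters out of the cloud-config.
    key=$(grep -E '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+=* ?[A-Za-z0-9@._-]*$' "$pubkey_file") ||
        { echo "not an OpenSSH public key: $pubkey_file" >&2; exit 1; }
    out=$(mktemp "${TMPDIR:-/tmp}/userdata.XXXXXXXX") || exit 1
    # The key is a printf argument, never part of the format string.
    printf '#cloud-config\nusers:\n  - name: ubuntu\n    ssh-authorized-keys:\n      - %s\n' \
        "$key" > "$out"
    printf '%s\n' "$out"
)

# Usage with the page's command (needs the endpoint, so shown as a comment):
#   private_file "/tmp/x509up_u$(id -u)" && UD=$(make_user_data ~/.ssh/id_rsa.pub) &&
#   occi ... --action create ... --context user_data="file://${UD}" ...
[ $# -eq 0 ] || make_user_data "$1"
```

Remove the generated file once the create call has returned.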

Describing a Virtual Machine

occi --endpoint https://awsocci.cesnet.cz:11443/ --auth x509 --user-cred /tmp/x509up_u`id -u` --voms --action describe --resource "${VMID}"

Or

curl --cert /tmp/x509up_u`id -u` --key /tmp/x509up_u`id -u` -H 'Content-Type: text/occi' -X GET "${VMID}"

Deleting a Virtual Machine

occi --endpoint https://awsocci.cesnet.cz:11443/ --auth x509 --user-cred /tmp/x509up_u`id -u` --voms --action delete --resource "${VMID}"

Or

curl --cert /tmp/x509up_u`id -u` --key /tmp/x509up_u`id -u` -H 'Content-Type: text/occi' -X DELETE "${VMID}"