[Openstack] Can ec2-api-tools maintain OpenStack Nova ?

Masanori ITOH itoumsn at nttdata.co.jp
Thu Jan 20 11:09:50 UTC 2011 

Hi Funasaki-san,

I think that OpenStack does not implement EC2 SOAP API now,
the blueprint was deferred to Cactus.
Therefore, ec2-tools which uses EC2 API does not work, and 
we need to use euca2ools now.


BTW, do you subscribe Japan OpenStack Users Group ML?
Not a small number of Japanese OpenStack developers are on the list. :)


Regards,
Masanori

---
Masanori ITOH  R&D Headquarters, NTT DATA CORPORATION
               e-mail: itoumsn at nttdata.co.jp

From: Kenji Funasaki <kenji.funasaki at gmail.com>
Subject: [Openstack] Can ec2-api-tools maintain OpenStack Nova ?
Date: Thu, 20 Jan 2011 20:01:14 +0900

> # Sorry, I forgot to write title in last mail.
> 
> Hi,
> 
> I have a question about OpenStack API.
> 
> Is it possible to get image information by using ec2-describe-images (
> in EC2-API-TOOLS ) ?
> 
> - euca-describe-images succeeded.
> 
> # euca-describe-images
> IMAGE   ami-tiny        nebula/tiny     vishvananda     available
>  public          x86_64  machine aki-lucid       ari-lucid
> IMAGE   ari-lucid       nebula/lucid-ramdisk    admin   available
>  public          x86_64  ramdisk
> IMAGE   aki-lucid       nebula/lucid-kernel     admin   available
>  public          x86_64  kernel
> 
> - ec2-describe-images in EC2-API-TOOLS failed.
> 
> # ./ec2-describe-images
> Unexpected error:
> org.codehaus.xfire.fault.XFireFault: General security error; nested
> exception is:
>        java.security.cert.CertificateParsingException: invalid
> DER-encoded certificate data
>        at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
>        at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:83)
>        at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
>        at org.codehaus.xfire.client.Client.invoke(Client.java:336)
>        at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
>        at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
>        at $Proxy12.describeImages(Unknown Source)
>        at com.amazon.aes.webservices.client.Jec2.describeImages(Jec2.java:529)
>        at com.amazon.aes.webservices.client.cmd.DescribeImages.invokeOnline(DescribeImages.java:157)
>        at com.amazon.aes.webservices.client.cmd.BaseCmd.invoke(BaseCmd.java:795)
>        at com.amazon.aes.webservices.client.cmd.DescribeImages.main(DescribeImages.java:181)
> Caused by: org.apache.ws.security.WSSecurityException: General
> security error; nested exception is:
>        java.security.cert.CertificateParsingException: invalid
> DER-encoded certificate data
>        at com.amazon.aes.webservices.client.CryptoProxy.getCertificates(CryptoProxy.java:76)
>        at org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:286)
>        at com.amazon.aes.webservices.client.Jec2.signRequest(Jec2.java:231)
>        at com.amazon.aes.webservices.client.Jec2.access$000(Jec2.java:58)
>        at com.amazon.aes.webservices.client.Jec2$1.invoke(Jec2.java:143)
>        at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
>        at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
>        ... 9 more
> Caused by: java.security.cert.CertificateParsingException: invalid
> DER-encoded certificate data
>        at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1719)
>        at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:320)
>        at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:121)
>        at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:322)
>        at com.amazon.aes.webservices.client.CryptoProxy.getCertByName(CryptoProxy.java:116)
>        at com.amazon.aes.webservices.client.CryptoProxy.getCertificates(CryptoProxy.java:74)
>        ... 15 more
> 
> novarc file is following.
> 
> NOVA_KEY_DIR=$(pushd $(dirname $BASH_SOURCE)>/dev/null; pwd; popd>/dev/null)
> export EC2_ACCESS_KEY="admin:admin"
> export EC2_SECRET_KEY="admin"
> export EC2_URL="http://172.19.1.60:8773/services/Cloud"
> export S3_URL="http://172.19.1.60:3333"
> export EC2_USER_ID=42 # nova does not use user id, but bundling requires it
> export EC2_PRIVATE_KEY=${NOVA_KEY_DIR}/pk.pem
> export EC2_CERT=${NOVA_KEY_DIR}/cert.pem
> export NOVA_CERT=${NOVA_KEY_DIR}/cacert.pem
> export EUCALYPTUS_CERT=${NOVA_CERT} # euca-bundle-image seems to
> require this set
> alias ec2-bundle-image="ec2-bundle-image --cert ${EC2_CERT}
> --privatekey ${EC2_PRIVATE_KEY
> } --user 42 --ec2cert ${NOVA_CERT}"
> alias ec2-upload-bundle="ec2-upload-bundle -a ${EC2_ACCESS_KEY} -s
> ${EC2_SECRET_KEY} --url
>  ${S3_URL} --ec2cert ${NOVA_CERT}"
> 
> Thanks and regards,
> Kenji
> 
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

More information about the Openstack mailing list