nova api执行过程（以nova list为例）

本文仅供学习参考：

• 使用devstack部署的openstack，需了解如何在screen中重新启动一个服务
• 请注意时间，因为openstack处在不断更新中，本文学习的是当前最新的openstack版本
• 在screen下用ipdb进行调试
• 对openstack整个架构有个大致了解
• 没有写明根目录的默认根目录是/opt/stack/nova（即openstack源码目录下的nova目录）

---

REQ: curl -g -i -X GET http://10.238.158.189/identity -H “Accept: application/json” -H “User-Agent: nova keystoneauth1/2.12.1 python-requests/2.11.1 CPython/2.7.6”

REQ: curl -g -i -X GET http://10.238.158.189:8774/v2.1 -H “User-Agent: python-novaclient” -H “Accept: application/json” -H “X-Auth-Token: {SHA1}1ed8ae56fa11986c2d3aef62a58d3355d9178d2c”

REQ: curl -g -i -X GET http://10.238.158.189:8774/v2.1/servers/detail -H “OpenStack-API-Version: compute 2.37” -H “User-Agent: python-novaclient” -H “Accept: application/json” -H “X-OpenStack-Nova-API-Version: 2.37” -H “X-Auth-Token: {SHA1}1ed8ae56fa11986c2d3aef62a58d3355d9178d2c”

第一步：从Keystone拿到一个授权的token
第二步：把返回的token填入api请求中，该步为验证版本v2.1之类的（不确定）
第三步：同样需要将token填入api请求，这一个步骤是真正的主要的请求即获得所有当前活跃状态的虚拟机

nova list命令转化为HTTP请求

由novaclient实现，不关注…

HTTP请求到WSGI Application

这里需要了解下WSGI和paste配置文件，WSGI推荐 –> https://www.fullstackpython.com/wsgi-servers.html

Nova API服务nova-api（在screen中对应的编号为6的window）在启动 时（没有发出HTTP请求时），会根据Nova配置文件（/etc/nova/nova.conf）的enable_apis选项内容创建一个或多个WSGI Server，用devstack部署默认的配置如下

enabled_apis = osapi_compute,metadata

Paste Deploy会在各个WSGI Server创建使参与进来，基于Paste配置文件（/etc/nova/api-paste.ini）去加载WSGI Application，加载WSGI Application由nova/service.py实现，加载后，WSGI Application就处在等待和监听状态。

class WSGIService(service.Service):    """Provides ability to launch API from a 'paste' configuration."""    def __init__(self, name, loader=None, use_ssl=False, max_url_len=None):        """Initialize, but do not start the WSGI server.        :param name: The name of the WSGI server given to the loader.        :param loader: Loads the WSGI application using the given name.        :returns: None        """        self.name = name        # 这里的name就是WSGI server name，比如osapi_compute或者metadata        # nova.service's enabled_apis        self.binary = 'nova-%s' % name        self.topic = None        self.manager = self._get_manager()        self.loader = loader or wsgi.Loader()        # 从paste配置文件加载 Nova API 对应的 WSGI Application        self.app = self.loader.load_app(name)        # inherit all compute_api worker counts from osapi_compute        if name.startswith('openstack_compute_api'):            wname = 'osapi_compute'        else:            wname = name        self.host = getattr(CONF, '%s_listen' % name, "0.0.0.0")        self.port = getattr(CONF, '%s_listen_port' % name, 0)        self.workers = (getattr(CONF, '%s_workers' % wname, None) or                        processutils.get_worker_count())        if self.workers and self.workers < 1:            worker_name = '%s_workers' % name            msg = (_("%(worker_name)s value of %(workers)s is invalid, "                     "must be greater than 0") %                   {'worker_name': worker_name,                    'workers': str(self.workers)})            raise exception.InvalidInput(msg)        self.use_ssl = use_ssl        self.server = wsgi.Server(name,                                  self.app,                                  host=self.host,                                  port=self.port,                                  use_ssl=self.use_ssl,                                  max_url_len=max_url_len)        # Pull back actual port used        self.port = self.server.port        self.backdoor_port = None

在nova-api运行过程中（发出了HTTP请求），Paste Deploy会将WSGI Server上监听到的HTTP请求根据Paste配置文件准确地路由到特定的WSGI Application，这其中经过了
nova.api.openstack.urlmap的urlmap_factory
nova.api.auth的pipeline_factory_v21
nova.api.openstack.compute的APIRouterV21.factory(路由到指定的app)

下面根据nova –debug list输出的请求信息，一一介绍
GET http://10.238.158.189:8774/v2.1/servers/detail
1.首先我们通过这个请求知道使用了v2.1的API，再根据paste配置文件中

[composite:osapi_compute]   <--use = call:nova.api.openstack.urlmap:urlmap_factory     <--/: oscomputeversions/v2: openstack_compute_api_v21_legacy_v2_compatible/v2.1: openstack_compute_api_v21    <--

则WSGI服务器osapi_compute将监听到这个请求，根据第一行use的内容我们知道是由nova.api.openstack.urlmap模块的urlmap_factory进行分发，即对应了openstack_compute_api_v21

2.在paste配置文件中，又有

[composite:openstack_compute_api_v21]   <--use = call:nova.api.auth:pipeline_factory_v21   <--noauth2 = cors http_proxy_to_wsgi compute_req_id faultwrap sizelimit noauth2 osapi_compute_app_v21keystone = cors http_proxy_to_wsgi compute_req_id faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v21   <--

可知又使用了nova.api.auth模块的pipeline_factory_v21进一步分发，并根据/etc/nova/nova.conf中认证策略“auth_strategy”选项使用参数keystone，在paste文件中，我们看到noauth2和keystone后面跟着一大串，不用过于深究，这是一个pipeline，最后一个是真正的app即osapi_compute_app_v21，从代码中分析可知根据这个pipeline，从后往前为这个app穿上一件件“外衣”，每一次封装都是封装成一个WSGI Application。
代码实现见nova/api/auth.py

def _load_pipeline(loader, pipeline):    filters = [loader.get_filter(n) for n in pipeline[:-1]]    app = loader.get_app(pipeline[-1])    filters.reverse()    for filter in filters:        app = filter(app)    return app

3.再由paste配置文件中

[app:osapi_compute_app_v21]paste.app_factory = nova.api.openstack.compute:APIRouterV21.factory

需要调用nova.api.openstack.compute的APIRouterV21.factory

WSGI Application到具体的执行函数

这个部分是最复杂的部分，函数的调用和封装很复杂，有时候看到最深层次也看不大懂了，如果有愿意分享的小伙伴欢迎多多交流

APIRouterV21类的定义在nova/api/openstack/__init__.py中，主要完成对所有资源的加载和路由规则的创建（得到一个mapper包含所有资源的路由信息），APIRouterV21初始化的最后一步是将这个mapper交给它的父类nova.wsgi.Router，完成mapper和_dismatch()的关联，在openstack中，每个资源对应一个Controller，也对应一个WSGI Application，比如请求
GET http://10.238.158.189:8774/v2.1/servers/detail
对应的Contrller就是资源servers的Controller，具体位置是nova/api/openstack/compute/servers.py中的ServersController，这个Controller中定义了各种action，其中有一个函数是detail()，最终会调用这个函数得到想要的结果
下面详细介绍其过程

1.所有资源的加载以及路由规则的创建

class APIRouterV21(base_wsgi.Router):       def __init__(self, init_only=None):        def _check_load_extension(ext):            return self._register_extension(ext)        # 使用stevedore的EnabledExtensionManager类载入位于setup.cfg        # 的nova.api.v21.extensions的所有资源        self.api_extension_manager = stevedore.enabled.EnabledExtensionManager(            namespace=self.api_extension_namespace(),            check_func=_check_load_extension,            invoke_on_load=True,            invoke_kwds={"extension_info": self.loaded_extension_info})        mapper = ProjectMapper()        self.resources = {}        # NOTE(cyeoh) Core API support is rewritten as extensions        # but conceptually still have core        if list(self.api_extension_manager):            # NOTE(cyeoh): Stevedore raises an exception if there are            # no plugins detected. I wonder if this is a bug.            # 所有资源进行注册，同时使用mapper建立路由规则            self._register_resources_check_inherits(mapper)            # 扩展现有资源及其操作            self.api_extension_manager.map(self._register_controllers)        LOG.info(_LI("Loaded extensions: %s"),                 sorted(self.loaded_extension_info.get_extensions().keys()))        super(APIRouterV21, self).__init__(mapper)

2.父类Router将mapper和dispatch()关联起来

class Router(object):    """WSGI middleware that maps incoming requests to WSGI apps."""    def __init__(self, mapper):        """Create a router for the given routes.Mapper.        Each route in `mapper` must specify a 'controller', which is a        WSGI app to call.  You'll probably want to specify an 'action' as        well and have your controller be an object that can route        the request to the action-specific method.        Examples:          mapper = routes.Mapper()          sc = ServerController()          # Explicit mapping of one route to a controller+action          mapper.connect(None, '/svrlist', controller=sc, action='list')          # Actions are all implicitly defined          mapper.resource('server', 'servers', controller=sc)          # Pointing to an arbitrary WSGI app.  You can specify the          # {path_info:.*} parameter so the target app can be handed just that          # section of the URL.          mapper.connect(None, '/v1.0/{path_info:.*}', controller=BlogApp())        """        self.map = mapper        self._router = routes.middleware.RoutesMiddleware(self._dispatch,                                                          self.map)       # <--    @webob.dec.wsgify(RequestClass=Request)    def __call__(self, req):        """Route the incoming request to a controller based on self.map.        If no match, return a 404.        """        return self._router    @staticmethod    @webob.dec.wsgify(RequestClass=Request)    def _dispatch(req):        """Dispatch the request to the appropriate controller.        Called by self._router after matching the incoming request to a route        and putting the information into req.environ.  Either returns 404        or the routed WSGI app's response.        """        match = req.environ['wsgiorg.routing_args'][1]        if not match:            return webob.exc.HTTPNotFound()        app = match['controller']        return app

这里的__call__函数进行了wsgify的封装，在这个Router被call的时候，或者是它的子类APIRouterV21在被call的时候，需要看webob.dec.wsgify里面是怎么进行封装的才能知道具体的执行过程。我们已经了解到，在从HTTP请求路由到特定的WSGI Apllication的时候，最终路由到的app是经过封装的，即经过了pipeline列出的一系列filter，所以这个时候我们要真正地调用时，需要一层层把外面的filter去掉，这个在/usr/local/lib/python2.7/dist-packages/webob/dec.py中的wsgify类中有一个__call__的定义

def __call__(self, req, *args, **kw):        """Call this as a WSGI application or with a request"""        func = self.func        if func is None:            if args or kw:                raise TypeError(                    "Unbound %s can only be called with the function it "                    "will wrap" % self.__class__.__name__)            func = req            return self.clone(func)        if isinstance(req, dict):            if len(args) != 1 or kw:                raise TypeError(                    "Calling %r as a WSGI app with the wrong signature")            environ = req            start_response = args[0]            req = self.RequestClass(environ)            req.response = req.ResponseClass()            try:                args = self.args                if self.middleware_wraps:                    args = (self.middleware_wraps,) + args                resp = self.call_func(req, *args, **self.kwargs)            except HTTPException as exc:                resp = exc            if resp is None:                ## FIXME: I'm not sure what this should be?                resp = req.response            if isinstance(resp, text_type):                resp = bytes_(resp, req.charset)            if isinstance(resp, bytes):                body = resp                resp = req.response                resp.write(body)            if resp is not req.response:                resp = req.response.merge_cookies(resp)            return resp(environ, start_response)        else:            if self.middleware_wraps:                args = (self.middleware_wraps,) + args            return self.func(req, *args, **kw)

这个函数定义了，被dec.wsgify封装后的函数在被调用的时候，会不断地把外面的“外衣”脱掉，一直到最核心的app，这个app是一个直接接收参数（environ, start_response）的wsgi app，我们看到在Router类的__init__操作中，初始化了一个self.router = routes.middleware.RoutesMiddleware(self._dispatch,self.map)，而routes.middleware.RoutesMiddleware的__call_函数是一个标准的WSGI Application，它接收参数（environ, start_response），如下，

    def __call__(self, environ, start_response):        """Resolves the URL in PATH_INFO, and uses wsgi.routing_args        to pass on URL resolver results."""        old_method = None        if self.use_method_override:            req = None        #（以下省略...）

所以在APIRouter被call的整个过程中，我们可以通过在dec.wsgify的__call__函数中加打印信息查看整个流程,打印每次被call时的func信息，结果如下（总共有三次类似的输出，因为有三次请求）

********************************************************************************<bound method CORS.__call__ of <oslo_middleware.cors.CORS object at 0x7f15db89ef50>>********************************************************************************<bound method HTTPProxyToWSGI.__call__ of <oslo_middleware.http_proxy_to_wsgi.HTTPProxyToWSGI object at 0x7f15db89eed0>>********************************************************************************<bound method ComputeReqIdMiddleware.__call__ of <nova.api.compute_req_id.ComputeReqIdMiddleware object at 0x7f15db89ee50>>********************************************************************************<bound method FaultWrapper.__call__ of <nova.api.openstack.FaultWrapper object at 0x7f15db89ec50>>********************************************************************************<bound method RequestBodySizeLimiter.__call__ of <oslo_middleware.sizelimit.RequestBodySizeLimiter object at 0x7f15db89edd0>>********************************************************************************<bound method AuthProtocol.__call__ of <keystonemiddleware.auth_token.AuthProtocol object at 0x7f15db89e690>>********************************************************************************<bound method NovaKeystoneContext.__call__ of <nova.api.auth.NovaKeystoneContext object at 0x7f15db89e6d0>>********************************************************************************<bound method APIRouterV21.__call__ of <nova.api.openstack.compute.APIRouterV21 object at 0x7f15dbf45990>>

和paste配置文件中的pipeline的顺序是一样的，即

keystone = cors http_proxy_to_wsgi compute_req_id faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v21

小结

看了几天的代码，很多还是一头雾水，python调用的库很多，openstack里又经常进行封装操作，有时候一个调用栈非常深，很容易混乱，这里涉及到的比如mapper是怎么建立路由的，等等，都没有在此深究，这种先看官网的exsample再尝试看代码，多设断点多调试，调试技巧很重要。继续努力！有小伙伴感兴趣的欢迎讨论。