Cloud Providers
The functionality provided through the JASMIN Cloud API represents a vast simplification of the functionality available in the underlying cloud platform. This decision was taken for two reasons:
- The target audience for the JASMIN Cloud, i.e. primarily scientists and developers with some Linux admin experience rather than experienced sysadmins.
- The limited amount of staff time available for support and experiences from exposing more complicated interfaces in the past. By limiting what we support to the 95% use case, we can provide a better overall service, and give users less opportunity to get themselves stuck.
The functionality exposed through the JASMIN Cloud API is currently limited to:
- Authenticate.
- List available tenancies.
- List quotas and current usage.
- List available images and machine sizes.
- Create a new machine from a pre-existing image and size. Networking and VM configuration are handled transparently (i.e. not configured by the user).
- List, power on, power off, restart and delete existing machines.
- List available external IPs.
- Allocate a new external IP.
- Attach and detach an external IP to a machine.
- Create, delete and list volumes.
- Attach and detach a volume to a machine.
In particular, we want the following to be controlled exclusively by the cloud admins:
- Available machine sizes.
- Available images.
- Networking and VM startup.
As an extra layer of security, it is also possible for a cloud admin to mark an image as allowing, or not allowing, machines provisioned from it to have an external IP (referred to as NATing, as the process generally involves a virtual router of some kind). The mechanism for doing this differs for each supported provider. For example, a template for a web server would want to allow external IPs, but a template for a database server might not. This would prevent users from attaching an externally visible IP address to database servers via the JASMIN Cloud API. However, this is not enforced by the underlying cloud platform - an external IP could still be attached using the cloud platform's native API or UI.
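Because the restriction is applied only in the JASMIN Cloud API, reconciling the platform's actual state against the image flags will surface external IPs that were attached through the native API or UI. The following is an added example, not code from the jasmin_cloud project: the `Image` and `Machine` records, the `nat_allowed` field and the sample inventory are hypothetical and constructed for illustration, standing in for whatever the provider's own listing calls return.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Image:
    id: str
    name: str
    nat_allowed: bool  # hypothetical flag, set by the cloud admin

@dataclass(frozen=True)
class Machine:
    id: str
    image_id: str
    external_ip: Optional[str]  # None when no external IP is attached

def attach_allowed(machine, images):
    """API-layer check: allow only if the machine's image is known and permits NAT."""
    image = images.get(machine.image_id)
    return image is not None and image.nat_allowed

def audit_external_ips(machines, images):
    """Return (machine id, reason) for each external IP the API would have refused."""
    findings = []
    for m in machines:
        if m.external_ip is None:
            continue
        image = images.get(m.image_id)
        if image is None:  # fail closed: policy cannot be established
            findings.append((m.id, "image unknown or deleted"))
        elif not image.nat_allowed:
            findings.append((m.id, f"image '{image.name}' disallows external IPs"))
    return findings

# Constructed sample inventory (documentation-range addresses)
IMAGES = {i.id: i for i in [
    Image("img-web", "web-server", True),
    Image("img-db", "database-server", False),
]}
MACHINES = [
    Machine("vm-1", "img-web", "192.0.2.10"),
    Machine("vm-2", "img-db", None),
    Machine("vm-3", "img-db", "192.0.2.11"),   # attached outside the API
    Machine("vm-4", "img-gone", "192.0.2.12"),  # image no longer listed
]

if __name__ == "__main__":
    for machine_id, reason in audit_external_ips(MACHINES, IMAGES):
        print(f"{machine_id}: {reason}")
```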
Functionality that has caused problems with our target audience in the past, and is deliberately not exposed, includes:
- Creating or uploading new images.
- The manipulation (creating, updating, deleting) of virtual networks.
- The manipulation of virtual routers (e.g. for NATing or firewalling).
- The manipulation of security groups, on platforms where they are supported.
- The manipulation of VM configuration scripts (e.g. cloud-init), including key injection.
Instead, this functionality is either not permitted or implemented transparently for the 95% use case by imposing certain requirements on the way the underlying cloud platform, and any tenancies (projects, organisations, etc.) created on it, are configured. The requirements for each provider are discussed in detail on other pages of this wiki (see Supported providers below).
The functionality exposed by the JASMIN Cloud API is defined in a series of interfaces that live in the jasmin_cloud.provider.base module. The officially supported providers are listed below, but it should be possible to write an adapter for other providers. If you do, let us know!