From e6918187568dbd01842d8d1d2c808ce16a894239 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 21 Apr 2024 13:54:28 +0200 Subject: Adding upstream version 18.2.2. Signed-off-by: Daniel Baumann --- doc/mgr/ceph_api/index.rst | 92 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 doc/mgr/ceph_api/index.rst (limited to 'doc/mgr/ceph_api/index.rst') diff --git a/doc/mgr/ceph_api/index.rst b/doc/mgr/ceph_api/index.rst new file mode 100644 index 000000000..1cdc9a97b --- /dev/null +++ b/doc/mgr/ceph_api/index.rst @@ -0,0 +1,92 @@ +.. _mgr ceph api: + +================ +Ceph RESTful API +================ + +Introduction +============ +The **Ceph RESTful API** (henceforth **Ceph API**) is provided by the +:ref:`mgr-dashboard` module. The Ceph API +service is available at the same URL as the regular Ceph Dashboard, under the +``/api`` base path (please refer to :ref:`dashboard-host-name-and-port`):: + + http://:/api + +or, if HTTPS is enabled (please refer to :ref:`dashboard-ssl-tls-support`):: + + https://:/api + +The Ceph API leverages the following standards: + +* `HTTP 1.1 `_ for API syntax and semantics, +* `JSON `_ for content encoding, +* `HTTP Content Negotiation `_ and `MIME `_ for versioning, +* `OAuth 2.0 `_ and `JWT `_ for authentication and authorization. + +.. warning:: + Some endpoints are still under active development, and should be carefully + used since new Ceph releases could bring backward incompatible changes. + + +Authentication and Authorization +================================ + +Requests to the Ceph API pass through two access control checkpoints: + +* **Authentication**: ensures that the request is performed on behalf of an existing and valid user account. +* **Authorization**: ensures that the previously authenticated user can in fact perform a specific action (create, read, update or delete) on the target endpoint. + +So, prior to start consuming the Ceph API, a valid JSON Web Token (JWT) has to +be obtained, and it may then be reused for subsequent requests. The +``/api/auth`` endpoint will provide the valid token: + +.. prompt:: bash $ + + curl -X POST "https://example.com:8443/api/auth" \ + -H "Accept: application/vnd.ceph.api.v1.0+json" \ + -H "Content-Type: application/json" \ + -d '{"username": , "password": }' + +:: + + { "token": "", ...} + +The token obtained must be passed together with every API request in the +``Authorization`` HTTP header:: + + curl -H "Authorization: Bearer " ... + +Authentication and authorization can be further configured from the +Ceph CLI, the Ceph-Dashboard UI and the Ceph API itself (please refer to +:ref:`dashboard-user-role-management`). + +Versioning +========== + +One of the main goals of the Ceph API is to keep a stable interface. For this +purpose, Ceph API is built upon the following principles: + +* **Mandatory**: in order to avoid implicit defaults, all endpoints require an explicit default version (starting with ``1.0``). +* **Per-endpoint**: as this API wraps many different Ceph components, this allows for a finer-grained change control. + * **Content/MIME Type**: the version expected from a specific endpoint is stated by the ``Accept: application/vnd.ceph.api.v.+json`` HTTP header. If the current Ceph API server is not able to address that specific major version, a `415 - Unsupported Media Type `_ response will be returned. +* **Semantic Versioning**: with a ``major.minor`` version: + * Major changes are backward incompatible: they might result in non-additive changes to the request and/or response formats of a specific endpoint. + * Minor changes are backward/forward compatible: they basically consists of additive changes to the request or response formats of a specific endpoint. + +An example: + +.. prompt:: bash $ + + curl -X GET "https://example.com:8443/api/osd" \ + -H "Accept: application/vnd.ceph.api.v1.0+json" \ + -H "Authorization: Bearer " + + +Specification +============= + +.. openapi:: ../../../src/pybind/mgr/dashboard/openapi.yaml + :group: + :examples: + :encoding: utf-8 -- cgit v1.2.3