@@ -11,15 +11,15 @@ It is simple because you only need to have two pieces of information:
1111* The credentials required to authenticate
1212
1313Once you have authenticated, the cloud provider will respond with a
14- [ service catalog] ( http://docs.rackspace.com/auth/api/v2.0/auth-client-devguide/content/Sample_Request_Response-d1e64.html )
14+ [ service catalog] ( http://docs.rackspace.com/auth/api/v2.0/auth-client-devguide/content/Sample_Request_Response-d1e64.html )
1515that contains links to all the
1616various provider's services. All you need to do is specify which service
1717to use, and the library will take care of finding the appropriate links.
1818
1919First, however, you need to know if you're using the Rackspace cloud
2020or an OpenStack cloud, and include the proper top-level file. These are
2121called * Connection* classes, because they establish a connection between an
22- authorized user and a specific cloud deployment. They are required for any use of
22+ authorized user and a specific cloud deployment. They are required for any use of
2323<b >php-opencloud</b >.
2424
2525## Authenticating against OpenStack clouds
@@ -42,7 +42,7 @@ Next, create an `OpenStack` object with the proper credentials:
4242
4343In this example, ` $credentials ` is an associative array (or "hashed" array). The
4444keys are ` username ` and ` password ` and their values are your assigned OpenStack user
45- name and password, respectively.
45+ name and password, respectively.
4646
4747## Authenticating against the Rackspace public cloud
4848
@@ -66,16 +66,83 @@ https://mycloud.rackspace.com/a/`username`/account/api-keys
6666
6767Note that Rackspace UK users will have a different ` $endpoint ` than US users.
6868
69+ ## Setting CURL Options
70+
71+ The ** php-opencloud** library uses the standard CURL methods for performing
72+ HTTP requests. If you need to pass additional options to CURL, you can
73+ provide them as an optional third argument to the ` OpenStack ` or
74+ ` Rackspace ` constructors. This argument must an associative array of
75+ option/value pairs. For example, if your code requires you to use an HTTP
76+ proxy:
77+
78+ $options = array(CURLOPT_PROXY=>'proxy-name');
79+ $cloud = new OpenCloud\OpenStack($endpoint, $credentials, $options);
80+
6981## Credential Caching
7082
71- Note that you only need to authenticate once; the <b >php-opencloud</b > library caches
72- your credentials internally and will reuse them until they expire, at which point it
83+ Note that you only need to authenticate once; the ** php-opencloud** library
84+ caches your credentials in memory and will reuse them until they expire, at
85+ which point it
7386will automatically re-authenticate. The only time you will need to create a new
74- ` OpenStack ` or ` Rackspace ` object is if your credentials change (for example, if your
87+ ` OpenStack ` or ` Rackspace ` object is if your credentials change (for example,
88+ if your
7589password changes) or to use a different account.
7690
77- Repeatedly re-authenticating can create a load on the authentication servers and
78- potentially degrade performance for all users.
91+ If your PHP process is highly transient (for example, a web page that reloads
92+ every time someone views it in a browser), then you can cache the credentials
93+ (for example, using APC or a local disk file) so that you do not have to
94+ re-authenticate for each request. ** php-opencloud** provides two methods for
95+ exporting and importing the credentials.
96+
97+ Repeatedly re-authenticating can create a load on the authentication servers and
98+ potentially degrade performance for all users. In addition, some deployments
99+ will limit the frequency with which you can authenticate.
100+
101+ ### Exporting Credentials
102+
103+ The ` OpenStack::ExportCredentials() ` method exports the current credentials
104+ (authorization token, expiration, tenant ID, and service catalog)
105+ as an array:
106+
107+ $cloud = new OpenStack('URL', array('username'=>'xx','password'=>'yy'));
108+ $cloud->Authenticate(); // retrieves credentials from identity service
109+ $arr = $cloud->ExportCredentials();
110+ store_credentials_in_cache($arr);
111+
112+ In this example, the ` Authenticate() ` method retrieves the credentials from
113+ the identity service; the example ` store_credentials_in_cache() ` function
114+ (not provided by ** php-opencloud** ; this is a made-up example) stores the
115+ credentials in the browser's APC cache. Of course, you could create a function
116+ to store the credentials in a local file, a database, or whatever meets your
117+ needs.
118+
119+ ## Importing Credentials
120+
121+ The ` OpenStack::ImportCredentials() ` method imports an array of credentials
122+ that was created by the ` ExportCredentials() ` method:
123+
124+ $cloud = new OpenStack('URL', array('username'=>'xx','password'=>'yy'));
125+ $arr = load_credentials_from_cache();
126+ $cloud->ImportCredentials($arr);
127+
128+ In this example, the (hypothetical) function ` load_credentials_from_cache() `
129+ loads the credentials that were saved earlier by the ` ExportCredentials() `
130+ method.
131+
132+ Note that the ` ImportCredentials() ` method must be used * before* any other
133+ ` OpenStack ` methods. This is because the ` OpenStack ` class will automatically
134+ re-authenticate whenever it needs a token.
135+
136+ $cloud = new OpenStack('URL', array('username'=>'xx','password'=>'yy'));
137+ // this automatically re-authenticates against the identity service
138+ $nova = $cloud->Compute(...);
139+ // this accidentally overwrites the new credentials with the old one
140+ $cloud->ImportCredentials(...);
141+
142+ In other words, this causes no increase in efficiency and, in fact, could
143+ actually double the number of requests to the identity service (because the
144+ cached credentials might be invalid, forcing another re-authentication
145+ on the next request).
79146
80147What's next?
81148------------
0 commit comments