I had a customer ask some questions around feasibility of integrating with RightScale, a cloud-based software company that specializes in managing multiple cloud-base infrastructures in one location. The customer was hoping to implement the integration with our Runbook Automation workflows as well. While this post will not cover the situation of RightScale within workflow, we will talk about potential functions or libraries that you can create that could be consumed by “Run Script” workflow activities or business rules and beyond.

The RightScale API Overview

RightScale uses a REST based web service interface. The API supports a username/password authentication scenario which I used. Essentially, before issuing API commands, you need to perform a Login web service call to receive a token. Once you have received the token, you use that token in subsequent web service calls. At the time of this article, the default token life is about two hours since the last use.

In this article we use RightScale with an Amazon EC2 account that I play with.

For more information on the RightScale REST API, feel free to visit: RightScale REST API Documentation.

Login

Let’s cover the login. The login takes place by using a RESTful GET command to the Login Resource. This resource is in the following format: https://my.rightscale.com/api/acct/ACCOUNT_NUMBER/login/. Substitude the ACCOUNT_NUMBER text with your RightScale account number. This request will require Basic Authentication where you use your RightScale username and password.

The following is the REST Message “get” record that I designed for this call:

Function: get
REST Endpoint: https://my.rightscale.com/api/acct/${account}/login/
Use Basic auth: True
Basic auth user ID: myemailaddress@mycompany.com
Basic auth user password: mypassword

REST Message Function Headers

• X-API-VERSION : 1.0

Here is what it looks like in the UI:

Notice the “${account}” variable that I have in my REST endpoint URL. This will be replaced with the value of the account number when a script executes this web service call.

Now that we have a REST Message record, we can write some script that can be reused within other areas of the product to obtain and authentication token for RightScale.

When the request is made, one of the Response HTTP Headers will contain cookie information that includes a session key. The cookie information is returned in the “Set-Cookie” header. The value of that cookie string will look like this:

rs_gbl=eNotkFtvgjAYhv_K0mswlGMlWTIymUwcnjJrdmNKaRGBMk4KM_731cSb7-Z93jf5nhsgwAXlCBSQtMC9gb5lDXBtCxrmXQEdBS40LGRABxpQAVki6Sli3EbEVC0uD4RMVx
GMHTWeMm7EFuGONpV7HXt2ddN4dOU8ONHerD7SfeCkzvZQrLDGONb08jvX0FdYhYl2nZlB
cawbux5XNApWASJj0W_W2zDp2Tz_dZan3sC1l2JzZ_mLat8FtRdhgeM9gpfkVy3ercs5D5t
PSqJoE_y1y7Dk-Mryyt8m1oGr580RD0Pn8d6fpT87Z-Pjss9o5g1GOD-IdbBE9lhqrw8lw0OJIKV8BSyqk3jxRMKalgkZEkqrXnRSlol0pABWkq
yQ3FlyE_Lk3qTOS0aZqK4TWpXgfv8H8-Nzpg%3D%3D; domain=.rightscale.com; path=/; HttpOnly

The portion of the string that is in “bold” is the actual session token.

Here is a sample example of calling the REST API for login, grabbing the Set-Cookie response header, and parsing out the session key:

Create a Server in Amazon EC2 Cloud

Now that we can get a session token, let’s do something real. We are going to use the API to create a Server object in RightScale for my Amazon EC2 cloud.

The creation of a Server takes place by using a RESTful POST command to the “servers” Resource. This resource is in the following format: https://my.rightscale.com/api/acct/ACCOUNT_NUMBER/servers. Substitude the ACCOUNT_NUMBER text with your RightScale account number.

The following is the REST Message “post” record that I designed for this call:

Function: post
REST Endpoint: https://my.rightscale.com/api/acct/${account}/servers
Use Basic auth: False

REST Message Function Headers

• X-API-VERSION : 1.0
• Authorization : Bearer ${sessionKey}

Content: (No line breaks)
server[deployment_href]=${deployment}&server[nickname]=${nickname}
&server[server_template_href]=${serverTemplate}
&server[ec2_ssh_key_href]=${sshkey}&server[instance_type]=
${instanceType}&cloud_id=${cloudID}&server[vpc_subnet_href]={$vpcSubnet}

Notice that I have variables in the REST Endpoint (for account information), in the Authorization function header (to submit the session key), and throughout the content (for information about the server we are going to create).

The GUI for this record might look like:

After making a request with this information, the web service should return a status code of 201 along with an HTTP Header for “Location” which contains a URL for the server object that is created.

Here is some sample code that could be used to test this feature out (Please note that I reuse functions from the previously listed code):

Delete a Server

We can also use the API to delete a Server object in RightScale for my Amazon EC2 cloud.

The deletion of a Server takes place by using a RESTful DELETE command to the “servers” Resource. This resource is in the following format: https://my.rightscale.com/api/acct/ACCOUNT_NUMBER/servers/SERVER_ID. Substitude the ACCOUNT_NUMBER text with your RightScale account number and SERVER_ID with the ID (not full URL) of the server object you want to delete..

The following is the REST Message “delete” record that I designed for this call:

Function: delete
REST Endpoint: https://my.rightscale.com/api/acct/${account}/servers/${serverID}
Use Basic auth: False

REST Message Function Headers

• X-API-VERSION : 1.0
• Authorization : Bearer ${sessionKey}

The UI representation for this record might look like:

Here is some code that we could leverage to delete a server using our web service:

Round Trip Coding Example

Let’s take the various scripts that compiled above and write a script that authenticates, creates a server object, and then deletes that server object: