Order a Service using API from Global to Remote under customer name


#1

Hi,

We are in process to move to the centralised single pane of Cloudforms global and remote instances
As custom automation cannot be executed from Global to Remote we are in process of writing API calls from global to remote
Also catalog items are synced from remote to global but the problem is that if we have 3 regions and 1 Global region then there will be for example 3 catalog items for “Windows 2016” for different regions
So I was thinking to create a generic catalog item in Global Region and then through the Automation call the API to invoke “Order Service” in the remote regions.
I am able to successfully order a service but the problem that I am facing is Authentication.
I can have a service account that we can use to authenticate from Global to Remote but how can we order service in specific customer environments
Every customer environment is tagged so when a customer logs in and orders a service then all the tags are used and specific naming conventions and resources are allocated. All that is working in the remote regions but through the API from the global I would want to execute “Order Service” and the requester_name should be the logged in user in the Global Region.
How can I get the logged in user credentials and pass that info to the remote region?

Any help would be really appreciated

Regards
Irshad


#2

@pemcg : Any help from you on this ???


#3

Hi @irshad2005,

I am also doing it to create a smaller service catalog where the real catalog item is selected during provisioning, based on dialog information. To do so, I order the service through the API using a service account. Then, all the services are provisioned with this services account and belong to it. To work around this, I have added extra fields to my dialogs for the user and group ids the service should belong to. And in my service state machine, I use this information to change ownership once every resources have been created.

The code of that method is the following:

def set_service_ownership(service, owner, group)
  service.owner = owner
  service.group = group
  service.vms.each { |vm| vm.owner = owner ; vm.group = group }
  service.all_service_children.each { |sc| set_service_ownership(sc, owner, group) }
end

task = $evm.root['service_template_provision_task']

owner = $evm.vmdb('user').find_by_id($evm.root['dialog_option_0_requester_user_id'])
group = $evm.vmdb('miq_group').find_by_id($evm.root['dialog_option_0_requester_group_id'])

set_service_ownership(task.destination, owner, group)

Note that the code is recursive as I usually create more than one level of children services.


#4

Hi @fdupont

Thanks for your info and this indeed worked for me
I made some more changes in the automation and the api worked

Now my other issue is that I call the catalog items from Global to Remote and all my Catalog Items are sitting in the Remote Region

I created a generic catalog service and trying to call it through the automation but that just doesnt work
I copied the CatalogItemInitization and created a new one called CatalogItemInitizationGlobal and I am calling my method that calls the api on the remote region
For some reason its never called and sits after approving the service requests and next_state is none
Any help on this please

Regards
Irshad


#5

Hi,

I got this working
In global if we need to provision using catalog then we need to enable the Provider Operations and it worked once I enabled it

Regards
Irshad