When working with images in the SDK, you will call
novaclient
methods.
To generate a keypair, call the
novaclient.v1_1.keypairs.KeypairManager.create
method:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) keypair_name = "staging" keypair = nova.keypairs.create(name=keypair_name) print keypair.private_key
The Python script output looks something like this:
-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEA8XkaMqInSPfy0hMfWO+OZRtIgrQAbQkNcaNHmv2GN2G6xZlb\nuBRux5Xk/6SZ ABaNPm1nRWm/ZDHnxCsFTcAl2LYOQXx3Cl2qKNY4r2di4G48GAkd\n7k5lDP2RgQatUM8npO0CD9PU ... mmrceYYK08/lQ7JKLmVkdzdQKt77+v1oBBuHiykLfI6h1m77NRDw9r8cV\nzczYeoALifpjTPMkKS8 ECfDCuDn/vc9K1He8CRaJHf8AMLQLM3MN -----END RSA PRIVATE KEY-----
You typically write the private key to a file to use it later. The file must be readable and writeable by only the file owner; otherwise, the SSH client will refuse to read the private key file. It is safest to create the file with the appropriate permissions, as shown in the following example:
import novaclient.v1_1.client as nvclient import os nova = nvclient.Client(...) keypair_name = "staging" private_key_filename = "/home/alice/id-staging" keypair = nova.keypairs.create(name=keypair_name) # Create a file for writing that can only be read and written by owner fp = os.open(private_key_filename, os.O_WRONLY | os.O_CREAT, 0o600) with os.fdopen(fp, 'w') as f: f.write(keypair.private_key)
If you have already generated a keypair with the
public key located at ~/.ssh/id_rsa.pub
,
pass the contents of the file to the
novaclient.v1_1.keypairs.KeypairManager.create
method to import the public key to Compute:
import novaclient.v1_1.client as nvclient import os.path with open(os.path.expanduser('~/.ssh/id_rsa.pub')) as f: public_key = f.read() nova = nvclient.Client(...) nova.keypairs.create('mykey', public_key)
To list keypairs, call the
novaclient.v1_1.keypairs.KeypairManager.list
method:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) keypairs = nova.keypairs.list()
To list security groups for the current project, call the
novaclient.v_1.security_groups.SecurityGroupManager.list
method:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) security_groups = nova.security_groups.list()
To create a security group with a specified name and description,
call the novaclient.v_1.security_groups.SecurityGroupManager.create
method:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) nova.security_groups.create(name="web", description="Web servers")
To delete a security group, call the
novaclient.v_1.security_groups.SecurityGroupManager.delete
method, passing either a novaclient.v1_1.security_groups.SecurityGroup
object or group ID as an argument:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) group = nova.security_groups.find(name="web") nova.security_groups.delete(group) # The following lines would also delete the group: # nova.security_groups.delete(group.id) # group.delete()
Access the security group rules from the rules
attribute of a novaclient.v1_1.security_groups.SecurityGroup object:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) group = nova.security_groups.find(name="web") print group.rules
To add a rule, to a security group, call the novaclient.v1_1.security_group_rules.SecurityGroupRuleManager.create
method:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) group = nova.security_groups.find(name="web") # Add rules for ICMP, tcp/80 and tcp/443 nova.security_group_rules.create(group.id, ip_protocol="icmp", from_port=-1, to_port=-1) nova.security_group_rules.create(group.id, ip_protocol="tcp", from_port=80, to_port=80) nova.security_group_rules.create(group.id, ip_protocol="tcp", from_port=443, to_port=443)