When working with images in the SDK, you will call
novaclient methods.
To generate a keypair, call the
novaclient.v1_1.keypairs.KeypairManager.create
method:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) keypair_name = "staging" keypair = nova.keypairs.create(name=keypair_name) print keypair.private_key
The Python script output looks something like this:
-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEA8XkaMqInSPfy0hMfWO+OZRtIgrQAbQkNcaNHmv2GN2G6xZlb\nuBRux5Xk/6SZ ABaNPm1nRWm/ZDHnxCsFTcAl2LYOQXx3Cl2qKNY4r2di4G48GAkd\n7k5lDP2RgQatUM8npO0CD9PU ... mmrceYYK08/lQ7JKLmVkdzdQKt77+v1oBBuHiykLfI6h1m77NRDw9r8cV\nzczYeoALifpjTPMkKS8 ECfDCuDn/vc9K1He8CRaJHf8AMLQLM3MN -----END RSA PRIVATE KEY-----
You typically write the private key to a file to use it later. The file must be readable and writeable by only the file owner; otherwise, the SSH client will refuse to read the private key file. It is safest to create the file with the appropriate permissions, as shown in the following example:
import novaclient.v1_1.client as nvclient
import os
nova = nvclient.Client(...)
keypair_name = "staging"
private_key_filename = "/home/alice/id-staging"
keypair = nova.keypairs.create(name=keypair_name)
# Create a file for writing that can only be read and written by owner
fp = os.open(private_key_filename, os.O_WRONLY | os.O_CREAT, 0o600)
with os.fdopen(fp, 'w') as f:
f.write(keypair.private_key)If you have already generated a keypair with the
public key located at ~/.ssh/id_rsa.pub,
pass the contents of the file to the
novaclient.v1_1.keypairs.KeypairManager.create
method to import the public key to Compute:
import novaclient.v1_1.client as nvclient
import os.path
with open(os.path.expanduser('~/.ssh/id_rsa.pub')) as f:
public_key = f.read()
nova = nvclient.Client(...)
nova.keypairs.create('mykey', public_key)To list keypairs, call the
novaclient.v1_1.keypairs.KeypairManager.list
method:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) keypairs = nova.keypairs.list()
To list security groups for the current project, call the
novaclient.v_1.security_groups.SecurityGroupManager.list method:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) security_groups = nova.security_groups.list()
To create a security group with a specified name and description,
call the novaclient.v_1.security_groups.SecurityGroupManager.create method:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) nova.security_groups.create(name="web", description="Web servers")
To delete a security group, call the
novaclient.v_1.security_groups.SecurityGroupManager.delete method, passing either a novaclient.v1_1.security_groups.SecurityGroup
object or group ID as an argument:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) group = nova.security_groups.find(name="web") nova.security_groups.delete(group) # The following lines would also delete the group: # nova.security_groups.delete(group.id) # group.delete()
Access the security group rules from the rules
attribute of a novaclient.v1_1.security_groups.SecurityGroup object:
import novaclient.v1_1.client as nvclient nova = nvclient.Client(...) group = nova.security_groups.find(name="web") print group.rules
To add a rule, to a security group, call the novaclient.v1_1.security_group_rules.SecurityGroupRuleManager.create
method:
import novaclient.v1_1.client as nvclient
nova = nvclient.Client(...)
group = nova.security_groups.find(name="web")
# Add rules for ICMP, tcp/80 and tcp/443
nova.security_group_rules.create(group.id, ip_protocol="icmp",
from_port=-1, to_port=-1)
nova.security_group_rules.create(group.id, ip_protocol="tcp",
from_port=80, to_port=80)
nova.security_group_rules.create(group.id, ip_protocol="tcp",
from_port=443, to_port=443)