Use the Curl command in OpenStack to get token and access the underlying API

Use the Curl command in OpenStack to get token and access the underlying API

In Oepnstack, access to the services provided (such as creating a virtual machine, etc.) requires first obtaining a certified token, which is a credential, obtained by sending a load authentication request to the OpenStack identity module, typically with a user name and password in the payload. When accessing the services provided at the bottom, the token needs to be encapsulated in the X-auth-token header, and if you need to access multiple services provided by OpenStack, you need to provide a token for each service, it is worth noting that each token has an expiry time, over this time , token will automatically expire. The following example details the use of the Linux Curl command to send an HTTP request for token and access to the Nova Keypairs service.

You need to use DEVSTACK/OPENRC to set Os_passward,os_username and Os_projectname before using it (you need to encapsulate it in the header field of the HTTP request)

1. Get token

Execute in Terminal: Curl-s-x POST $OS _auth_url/tokens-h "Content-type:application/json"-d ' {"AUTH": {"tenantname": "'" $OS _project _name "'", "passwordcredentials": {"username": "'" $OS _username "'", "Password": "'" $OS _password "'"}}} ' | Python-m Json.tool

The returned results are as follows:

Because of the space reason, you cannot return the returned results at once, you can see the token part of the returned result:

At this point, we can see expires after the expiry time, for 2016-10-22t02:23:27z,id behind is token, for b0cad0d8ab3b478683180985d06c437a. We can directly encapsulate the token in the HTTP header field via the Curl command, or export it as an environment variable, and then directly encapsulate the environment variable, which is essentially the same, where we use the export for convenience, as shown here:

2. Send API request to access Nova Keypairs service

By using Nova--help, we can see that Python-novaclient provides four commands for keypairs access, namely Keypair-add,keypair-delete, Keypair-list and Keypair-show, which correspond to API one by one on the official web, are as follows:

as you can see, if you want to create a new keypair, you need to use the post command. We continue to use the Nova help Keypair-add command to see the detailed use of the command, as follows:

For example, we can get through Nova Keypair-add KEYPAIR-D20A3D59-9433-4B79-8726-20B431D89C78 Create a keypair named Keypair-d20a3d59-9433-4b79-8726-20b431d89c78, To see more information, we can add the--debug parameter behind the Nova, and the entire process of creating the KeyPair is displayed in the terminal (note that python-novaclient encapsulates our HTTP request and uses Curl to send an HTTP request). Intercept the fragments to analyze:

This is the token that gets

We can see that a post command was sent, which encapsulates the accept,user-agent,openstack-api-version,x-openstack-nova-api-version, The X-auth-token and Content-type header fields (-H is the meaning of the Package header field), and x-auth-toekn encapsulates the token we obtained earlier. The following KeyPair field represents the body of the HTTP, corresponding to the user's data, KeyPair contains the type and name fields, where the Name field is our previous Nova--debug Keypair-add The name of the keypair that corresponds to the keypair-d20a3d59-9433-4b79-8726-20b431d89c78 command. This is consistent with the official documentation, as follows:

In summary, after we use the Curl command to obtain tokens, export, you can use the Curl command to access the corresponding services, for example, to create a keypair:

Curl-g-i-x POST Http://192.168.140.133:8774/v2.1/os-keypairs-H "Accept:application/json"-H "User-agent:python-nova Client "-H" openstack-api-version:compute 2.37 "-H" x-openstack-nova-api-version:2.37 "-H" X-auth-token: $OS _token "-H" Content-type:application/json "-d ' {" KeyPair ": {" Type ":" SSH "," name ":" Keypair-d20a3d59-9433-4b79-8726-20b431d89c12 "}}‘

Where the field after the name needs to be changed to a different name than the KeyPair name created earlier, where the last two bits are changed to 12, then the field after X-auth-token is changed to our export os_token, preceded by a $, representing the system environment variable.

The results are as follows:

You can see that we have created a keypair named Keypair-d20a3d59-9433-4b79-8726-20b431d89c12, and then, for easy viewing, you can use the Nova Keypair-list See all the kyepair that we created as follows:

At this point, the entire process of accessing the OpenStack service using the Curl command is complete.

To summarize:

First, you need to use the Curl command to obtain token, and then access the corresponding service needs to be encapsulated in the HTTP X-auth-token header field, and according to the use of the official API to encapsulate the other head or body (corresponding post), To access the OpenStack service. Also, usually the get of the HTTP protocol corresponds to the list service, post corresponds to the Create service, put corresponds to the update service, and delete corresponds to the Delete service.

Use the Curl command in OpenStack to get token and access the underlying API