如何使用python-novaclient验证Nova会话?

时间:2016-10-05 16:02:46

标签: python python-3.x authentication openstack-nova python-novaclient

我正在尝试设置nova客户端,并确保在客户端创建时没有身份验证错误。我的尝试如下:

from novaclient import client
from keystoneauth1 import session
from keystoneauth1.identity import v3

def setup_nova(creds):
    """
    Creates a nova instance with which we can leverage the OpenStack virtualization
    platform.

    :param creds: A dictionary containing the authorization url, username,
                  password, version, and project ID associated with the OpenStack
                  cluster.
    :type creds: dict
    """
    password = v3.PasswordMethod(username=creds['USERNAME'],
                                 password=creds['PASSWORD'],
                                 user_domain_name='default')

    auth = v3.Auth(auth_url=creds['AUTH_URL'],
                   auth_methods=[password],
                   project_id=creds['PROJECT_ID'])

    sess = session.Session(auth=auth)
    nova = client.Client(creds['VERSION'], session=sess)
    nova.authenticate()
    return nova

但是,nova.authenticate()调用会抛出novaclient.exceptions.InvalidUsage,告诉我对Session对象进行身份验证。但是,Session对象似乎没有办法进行身份验证。

虽然OpenStack会尝试对第一个请求进行身份验证并缓存身份验证,但我更愿意立即知道用户是否有权根据提供的凭据发出请求。

如何按需验证会话对象?

1 个答案:

答案 0 :(得分:0)

也许您可以尝试使用下面显示的keystoneclient document示例来验证新星会话:

>>> from keystoneauth1.identity import v3
>>> from keystoneauth1 import session
>>> from keystoneclient.v3 import client

>>> auth = v3.Password(auth_url='https://my.keystone.com:5000/v3',
...                    username='myuser',
...                    password='mypassword',
...                    project_id='proj',
...                    user_domain_id='domain')
>>> sess = session.Session(auth=auth,
...                        verify='/path/to/ca.cert')
>>> ks = client.Client(session=sess)
>>> users = ks.users.list()

我参考上面的例子来修改你的代码:

from novaclient import client
from keystoneauth1 import session
from keystoneauth1.identity import v3

def setup_nova(creds):
    """
    Creates a nova instance with which we can leverage the OpenStack     virtualization
    platform.

    :param creds: A dictionary containing the authorization url, username,
                  password, version, and project ID associated with the     OpenStack
                  cluster.
    :type creds: dict
    """
    auth = v3.PasswordMethod(auth_url=creds['AUTH_URL'],
                                 username=creds['USERNAME'],
                                 password=creds['PASSWORD'],
                                 project_id=creds['PROJECT_ID'],
                                 user_domain_name='default')
    sess = session.Session(auth=auth, verify=False)
    nova = client.Client(creds['VERSION'], session=sess)
    return nova
相关问题
最新问题