目录
【任务 3】私有云运维开发[10 分]
【题目 1】Ansible 服务部署:部署 MariaDB 集群[2 分]
【题目 2】Ansible 服务部署:部署ELK 集群服务[2 分]
【题目 3】Python 运维开发:基于OpenStack Restful API 实现镜像上传[1 分]
【题目 4】Python 运维开发:基于 Openstack Python SDK 实现云主机创建[1 分]
【题目 5】Python 运维开发:云主机类型管理的命令行工具开发[2 分]
【题目 6】Python 运维开发:用户管理的命令行工具开发[2 分]
【任务 3】私有云运维开发[10 分]
【题目 1】Ansible 服务部署:部署 MariaDB 集群[2 分]
使用OpenStack 私有云平台,创建 4 台系统为centos7.9 的云主机,其中一台作为 Ansible 的母机并命名为 ansible,另外三台云主机命名为 node1、node2、node3;使用这一台母机,编写 Ansible 脚本(在/root 目录下创建 example 目录作为 Ansible 工作目录,部署的入口文件命名为 cscc_install.yaml ) , 对其他三台云主机进行安装高可用数据库集群 (MariaDB_Galera_cluster,数据库密码设置为 123456)的操作(所需的安装包在 HTTP 服务中)。完成后提交 Ansible 节点的用户名、密码和 IP 地址到答题框。(考试系统会连接到你的Ansible 节点,去执行 Ansible 脚本,请准备好 Ansible 运行环境,以便考试系统访问)
(1)环境准备
节点 地址
ansible 192.168.100.10
node1 192.168.100.20
node2 192.168.100.30
node3 192.168.100.40
(2)环境配置
root@localhost \~\]# hostnamectl set-hostname ansible \[root@localhost \~\]# su \[root@ansible \~\]# \[root@localhost \~\]# hostnamectl set-hostname node1 \[root@localhost \~\]# su \[root@node1 \~\]# \[root@localhost \~\]# hostnamectl set-hostname node2 \[root@localhost \~\]# su \[root@node2 \~\]# \[root@localhost \~\]# hostnamectl set-hostname node3 \[root@localhost \~\]# su \[root@node3 \~\]# ## 将ip地址映射成主机名(其他3台节点配置一样,此处省略) \[root@ansible \~\]# vi /etc/hosts 192.168.100.10 ansible 192.168.100.20 node1 192.168.100.30 node2 192.168.100.40 node3 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 #关闭防火墙和selinux(其他3台节点配置一样,此处省略) \[root@ansible \~\]# systemctl stop firewalld \&\& setenforce 0 ## ansible节点部署ansible服务(通过CRT远程工具将提供的ansible软件包上传到ansible节点) \[root@ansible \~\]# tar -xvf ansible.tar.gz #删除centos自带的源并配置本地yum源安装ansible服务 \[root@ansible \~\]# mv /etc/yum.repos.d/\* /home/ \[root@ansible \~\]# vi /etc/yum.repos.d/local.repo \[ansible
name=ansible
baseurl=file:///root/ansible
gpgcheck=0
enabled=1
root@ansible \~\]# yum install ansible -y #检查是否安装完成 \[root@ansible \~\]# ansible --version ansible 2.9.10 config file = /etc/ansible/ansible.cfg configured module search path = \[u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, Oct 14 2020, 14:45:30) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)]
(3)设置免密
root@ansible \~\]# ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:svV0oqhTRNGB/tH37Xi49/OUg+AFu2XlxcKhsyXm+wI root@ansible The key's randomart image is: ±--\[RSA 2048\]----+ \| .+... . \| \| o . o o \| \| o . .= +.o\| \| o . .o+=o...\| \| ...S.o++= o \| \| .=.+Eo\*.o o\| \| .o . .+... *.\| \| ... ...oo=\| \| ... .o+* \| ±---\[SHA256\]-----+ \[root@ansible \~\]# ssh-copy-id root@node1 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host 'node1 (192.168.100.20)' can't be established. ECDSA key fingerprint is SHA256:sGY4R7darwNovS7pGeQNm9FzQjanFFmnwJHO5PRo0RE. ECDSA key fingerprint is MD5:fa:5d:85:af:69:0d:63:78:ac:4e:9a:5b:c1:a6:b2:60. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@node1's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@node1'" and check to make sure that only the key(s) you wanted were added. \[root@ansible \~\]# ssh-copy-id root@node2 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host 'node2 (192.168.100.30)' can't be established. ECDSA key fingerprint is SHA256:sGY4R7darwNovS7pGeQNm9FzQjanFFmnwJHO5PRo0RE. ECDSA key fingerprint is MD5:fa:5d:85:af:69:0d:63:78:ac:4e:9a:5b:c1:a6:b2:60. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@node2's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@node2'" and check to make sure that only the key(s) you wanted were added. \[root@ansible \~\]# ssh-copy-id root@node3 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host 'node3 (192.168.100.40)' can't be established. ECDSA key fingerprint is SHA256:sGY4R7darwNovS7pGeQNm9FzQjanFFmnwJHO5PRo0RE. ECDSA key fingerprint is MD5:fa:5d:85:af:69:0d:63:78:ac:4e:9a:5b:c1:a6:b2:60. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@node3's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'root@node3'" and check to make sure that only the key(s) you wanted were added. (4)修改ansible文件配置组 \[root@ansible \~\]# vi /etc/ansible/hosts \[node
node1
node2
node3
node1
node1
node2
node2
node3
node3
#解压mariadb.tar软件包将mariadb-repo源拷贝到node1,node2,node3节点的/root目录下
root@ansible \~\]# tar -xvf mariadb.tar mariadb/ mariadb/mariadb-repo.tar.gz mariadb/Mycat-server-1.6-RELEASE-20161028204710-linux.tar.gz mariadb/schema.xml \[root@ansible \~\]# tar -xvf mariadb/mariadb-repo.tar.gz \[root@ansible \~\]# scp -r mariadb-repo/ root@node1:/root \[root@ansible \~\]# scp -r mariadb-repo/ root@node2:/root \[root@ansible \~\]# scp -r mariadb-repo/ root@node3:/root (5)创建ansible执行的工作目录编写执行playbook剧本的相关文件 \[root@ansible \~\]# mkdir cscc_galera(应该是example目录) \[root@ansible \~\]# cd cscc_galera/ #创建local.repo文件 \[root@ansible cscc_galera\]# vi local.repo \[centos
name=centos
baseurl=file:///opt/centos #自行挂载centos7.9镜像到/opt目录
gpgcheck=0
enabled=1
mariadb
name=mariadb
baseurl=file:///root/mariadb-repo
gpgcheck=0
enabled=1
#创建server.cnf文件
root@ansible cscc_galera\]# vi server.cnf \[server
mysqld
galera
wsrep_on=ON
wsrep_provider=/usr/lib64/galera/libgalera_smm.so
wsrep_cluster_address=gcomm://node1,node2,node3
binlog_format=row
default_storage_engine=InnoDB
innodb_autoinc_lock_mode=2
bind-address=0.0.0.0
wsrep_slave_threads=1
innodb_flush_log_at_trx_commit=0
embedded
mariadb
mariadb-10.3
#创建playbook剧本文件
root@ansible cscc_galera\]# vi install_galera.yaml(应该是cscc_install.yaml) * hosts: all remote_user: root tasks: * name: rm repo shell: rm -rf /etc/yum.repos.d/\* * name: copy repo copy: src=local.repo dest=/etc/yum.repos.d/ * name: install mariadb yum: name=mariadb-server * name: start mariadb service: name=mariadb state=started enabled=yes * name: init_mysql shell: mysqladmin -uroot password 123456 * name: stop mariadb service: name=mariadb state=stopped * name: copy server.cnf copy: src=server.cnf dest=/etc/my.cnf.d/server.cnf * hosts: node1 remote_user: root tasks: * name: start mariadb shell: /usr/sbin/mysqld --wsrep-new-cluster -u root \& * hosts: node2,node3 remote_user: root tasks: * name: start mariadb shell: systemctl start mariadb (6)执行入口文件 \[root@ansible cscc_galera\]# ansible-playbook install_galera.yaml \[WARNING\]: Found both group and host with same name: node1 \[WARNING\]: Found both group and host with same name: node3 \[WARNING\]: Found both group and host with same name: node2 PLAY \[all\] \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* TASK \[Gathering Facts\] \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* ok: \[node3
ok: [node2]
ok: [node1]
TASK [rm repo] ***************************************************************************************************
WARNING\]: Consider using the file module with state=absent rather than running 'rm'. If you need to use command because file is insufficient you can add 'warn: false' to this command task or set 'command_warnings=False' in ansible.cfg to get rid of this message. changed: \[node2
changed: [node3]
changed: [node1]
TASK [copy repo] *************************************************************************************************
changed: [node3]
changed: [node2]
changed: [node1]
TASK [install mariadb] *******************************************************************************************
changed: [node2]
changed: [node3]
changed: [node1]
TASK [start mariadb] *********************************************************************************************
changed: [node1]
changed: [node2]
changed: [node3]
TASK [init_mysql] ************************************************************************************************
changed: [node2]
changed: [node1]
changed: [node3]
TASK [stop mariadb] **********************************************************************************************
changed: [node1]
changed: [node2]
changed: [node3]
TASK [copy server.cnf] **********************************************************************************************
changed: [node1]
changed: [node2]
changed: [node3]
PLAY [node1] *****************************************************************************************************
TASK [Gathering Facts] *******************************************************************************************
ok: [node1]
TASK [start mariadb] *********************************************************************************************
changed: [node1]
PLAY [node2,node3] ***********************************************************************************************
TASK [Gathering Facts] *******************************************************************************************
ok: [node2]
ok: [node3]
TASK [start mariadb] *********************************************************************************************
changed: [node2]
changed: [node3]
PLAY RECAP *******************************************************************************************************
node1 : ok=9 changed=7 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node2 : ok=9 changed=7 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
node3 : ok=9 changed=7 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
root@ansible cscc_galera\]# (7)验证,检查wsrep_cluster_size的值是否为3/wsrep_ready的状态是否为ON \[root@ansible cscc_galera\]# ssh node1 Last login: Fri Aug 26 05:01:52 2022 from 192.168.100.1 \[root@node1 \~\]# mysql -uroot -p123456 Welcome to the MariaDB monitor. Commands end with ; or \\g. Your MariaDB connection id is 10 Server version: 10.3.23-MariaDB MariaDB Server Copyright © 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\\h' for help. Type '\\c' to clear the current input statement. MariaDB \[(none)\]\> show status like 'wsrep_cluster_size'; ±-------------------±------+ \| Variable_name \| Value \| ±-------------------±------+ \| wsrep_cluster_size \| 3 \| ±-------------------±------+ 1 row in set (0.001 sec) MariaDB \[(none)\]\> show status like 'wsrep_ready'; ±--------------±------+ \| Variable_name \| Value \| ±--------------±------+ \| wsrep_ready \| ON \| ±--------------±------+ 1 row in set (0.001 sec) MariaDB \[(none)\]\> 1.执行yaml 文件正确计 0.5 分 2.检查数据库集群部署正确计 1 分 3.检查数据库集群数量为 3 正确计 0.5 分 【题目 2】Ansible 服务部署:部署ELK 集群服务\[2 分
使用赛项提供的OpenStack 私有云平台,创建三台 CentOS7.9 系统的云主机分别命名为elk-1、elk-2 和elk-3,Ansible 主机可以使用上一题的环境。要求Ansible 节点编写剧本,执行 Ansible 剧本可以在这三个节点部署 ELK 集群服务(在/root 目录下创建 install_elk 目录作为 ansible 工作目录,部署的入口文件命名为 install_elk.yaml)。具体要求为三个节点均安装Elasticserach 服务并配置为 Elasticserach 集群;kibana 安装在第一个节点;Logstash 安装在第二个节点。(需要用到的软件包在 HTTP 服务下)完成后提交 ansible 节点的用户名、密码和 IP 地址到答题框。(考试系统会连接到 ansible 节点,执行 ansible 脚本,准备好环境, 以便考试系统访问)
1.执行yaml 文件正确计 0.5 分
2.检查 ELK 服务部署正确计 1.5 分
(1)配置主机映射:
修改当前节点主机名为ansible,并修改ansible节点主机映射,命令如下:
root@localhost \~\]# hostnamectl set-hostname ansible \[root@localhost \~\]# bash \[root@ansible \~\]# cat /etc/hosts 172.128.11.162 ansible 172.128.11.217 node1 172.128.11.170 node2 172.128.11.248 node3 配置免密访问,虚拟机root用户密码为000000,命令如下:(考试的时候命名为elk-1、elk-2 和elk-3) \[root@ansible \~\]# ssh-keygen \[root@ansible \~\]# ssh-copy-id node1 \[root@ansible \~\]# ssh-copy-id node2 \[root@ansible \~\]# ssh-copy-id node3 将ansible节点的域名解析文件复制给安装Elasticsearch集群服务的三个节点,命令如下: \[root@ansible \~\]# scp /etc/hosts node1:/etc/ \[root@ansible \~\]# scp /etc/hosts node2:/etc/ \[root@ansible \~\]# scp /etc/hosts node3:/etc/ 关闭ansible节点的防火墙和Selinux配置(如已关闭,则不需要操作),命令如下: \[root@ansible \~\]# setenforce 0 (2)软件包下载及yum源配置 将提供的Elasticsearch、Kibana以及Logstash软件包下载至ansible节点/root目录下,并将相应服务的软件包拷贝至不同节点。 \[root@ansible \~\]# curl -O http://mirrors.douxuedu.com/competition/Ansible.tar.gz \[root@ansible \~\]# tar -zxvf Ansible.tar.gz 将Elasticsearch软件包拷贝至三个节点,将Kibana软件包拷贝至node1节点,将Logstash软件包拷贝至node2节点,命令如下: \[root@ansible \~\]# scp elasticsearch-6.0.0.rpm node1:/root/ \[root@ansible \~\]# scp elasticsearch-6.0.0.rpm node2:/root/ \[root@ansible \~\]# scp elasticsearch-6.0.0.rpm node3:/root/ \[root@ansible \~\]# scp kibana-6.0.0-x86_64.rpm node1:/root/ \[root@ansible \~\]# scp kibana-6.0.0-x86_64.rpm node2:/root/ \[root@ansible \~\]# scp kibana-6.0.0-x86_64.rpm node3:/root/ \[root@ansible \~\]# scp logstash-6.0.0.rpm node1:/root/ \[root@ansible \~\]# scp logstash-6.0.0.rpm node2:/root/ \[root@ansible \~\]# scp logstash-6.0.0.rpm node3:/root/ 将软件包ansible.tar.gz上传至ansible节点配置本地yum源,并安装Ansible: \[root@ansible \~\]# tar -zxvf ansible.tar.gz -C /opt/ \[root@ansible \~\]# mv /etc/yum.repos.d/\* /media/ \[root@ansible \~\]# vi /etc/yum.repos.d/local.repo \[ansible
name=ansible
baseurl=file:///opt/ansible
gpgcheck=0
enabled=1
root@ansible \~\]# yum -y install ansible (3)配置Ansible主机映射 创建示例目录,并配置Ansible主机映射。 \[root@ansible \~\]# mkdir example \[root@ansible \~\]# cd example \[root@ansible example\]# vi /etc/ansible/hosts \[node1
172.128.11.217
node2
172.128.11.170
node3
172.128.11.248
使用CentOS-7-x86_64-DVD-2009.iso镜像文件作为安装库,将镜像挂载至/opt/centos,编写yum源文件,安装vsftpd服务,用于给远程主机安装Java。命令如下:
root@ansible example\]# curl -O http://mirrors.douxuedu.com/competition/CentOS-7-x86_64-DVD-2009.iso \[root@ansible example\]# mkdir /opt/centos \[root@ansible example\]# mount CentOS-7-x86_64-DVD-2009.iso /opt/centos/ \[root@ansible example\]# vi /etc/yum.repos.d/local.repo \[ansible
name=ansible
baseurl=file:///opt/ansible
gpgcheck=0
enabled=1
centos
name=centos
baseurl=file:///opt/centos
gpgcheck=0
enabled=1
root@ansible example\]# yum install -y vsftpd \[root@ansible example\]# vi /etc/vsftpd/vsftpd.conf anon_root=/opt \[root@ansible example\]# systemctl restart vsftpd \[root@ansible example\]# vi ftp.repo \[centos
name=centos
baseurl=ftp://172.128.11.162/centos/
gpgcheck=0
enabled=1
(4)安装Elasticsearch获取配置文件
安装Elasticsearch服务并编写node1节点配置文件,命令如下:
root@ansible example\]# rpm -ivh /root/elasticsearch-6.0.0.rpm \[root@ansible example\]# cp -rf /etc/elasticsearch/elasticsearch.yml elk1.yml \[root@ansible example\]# cat elk1.yml \| grep -Ev "\^KaTeX parse error: Expected group after '\^' at position 2: \|\^̲#" cluster.name...\|\^#" cluster.name: ELK node.name: node2 node.master: false node.data: true path.data: /var/lib/elasticsearch path.logs: /var/log/elasticsearch network.host: 172.128.11.170 http.port: 9200 discovery.zen.ping.unicast.hosts: \["node1","node2","node3"
编写node3节点配置文件,命令如下:
root@ansible example\]# cp elk1.yml elk3.yml \[root@ansible example\]# cat elk3.yml \| grep -Ev "^$\|^#" cluster.name: ELK node.name: node3 node.master: false node.data: true path.data: /var/lib/elasticsearch path.logs: /var/log/elasticsearch network.host: 172.128.11.248 http.port: 9200 discovery.zen.ping.unicast.hosts: \["node1","node2","node3"
(5)安装Kibana获取配置文件
安装Kibana服务并编写配置文件,命令如下:
root@ansible example\]# rpm -ivh /root/kibana-6.0.0-x86_64.rpm \[root@ansible example\]# cp -rf /etc/kibana/kibana.yml . \[root@ansible example\]# cat kibana.yml \|grep -v \^# server.port: 5601 server.host: "172.128.11.217" elasticsearch.url: "http://172.128.11.217:9200" (6)安装Logstash获取配置文件 安装Logstash服务并获取配置文件,命令如下: \[root@ansible example\]# rpm -ivh /root/logstash-6.0.0.rpm \[root@ansible example\]# cp -rf /etc/logstash/logstash.yml . \[root@ansible example\]# vi logstash.yml http.host: "172.128.11.170" 新建日志输出文件,内容如下: \[root@ansible example\]# vi syslog.conf input { file { path =\> "/var/log/messages" #指定文件的路径 type =\> "systemlog" #定义日志类型,可自定义 start_position =\> "beginning" #指定何时开始收集 stat_interval =\> "3" } } output { if \[type\] == "systemlog" { elasticsearch { hosts =\> \["172.128.11.217:9200"\] #这里的地址为node1主机地址 index =\> "system-log-%{+YYYY.MM.dd}" } } } (7)编写剧本文件 安编写Playbook剧本文件,命令如下: \[root@ansible example\]# vi cscc_install.yaml * hosts: all remote_user: root tasks: * name: rm repo shell: rm -rf /etc/yum.repos.d/\* * name: copy repo copy: src=ftp.repo dest=/etc/yum.repos.d/ * name: install java shell: yum -y install java-1.8.0-\* * name: install elk shell: rpm -ivh elasticsearch-6.0.0.rpm * hosts: node1 remote_user: root tasks: * name: copy config copy: src=elk1.yml dest=/etc/elasticsearch/elasticsearch.yml * name: daemon-reload shell: systemctl daemon-reload * name: start elk shell: systemctl start elasticsearch \&\& systemctl enable elasticsearch * name: install kibana shell: rpm -ivh kibana-6.0.0-x86_64.rpm * name: copy config template: src=kibana.yml dest=/etc/kibana/kibana.yml * name: start kibana shell: systemctl start kibana \&\& systemctl enable kibana * hosts: node2 remote_user: root tasks: * name: copy config copy: src=elk2.yml dest=/etc/elasticsearch/elasticsearch.yml * name: daemon-reload shell: systemctl daemon-reload * name: start elk shell: systemctl start elasticsearch \&\& systemctl enable elasticsearch * name: install logstash shell: rpm -ivh logstash-6.0.0.rpm * name: copy config copy: src=logstash.yml dest=/etc/logstash/logstash.yml * name: copy config copy: src=syslog.conf dest=/etc/logstash/conf.d/syslog.conf * hosts: node3 remote_user: root tasks: * name: copy config copy: src=elk3.yml dest=/etc/elasticsearch/elasticsearch.yml * name: daemon-reload shell: systemctl daemon-reload * name: start elk shell: systemctl start elasticsearch \&\& systemctl enable elasticsearch 执行Playbook完成ELK集群的部署,命令如下: \[root@ansible example\]# ansible-playbook cscc_install.yaml 执行结果如图2所示: 图2 执行结果 浏览器访问node1节点5601端口,http://172.128.11.217:5601/,如图3所示: 图3 部署成功 【题目 3】Python 运维开发:基于OpenStack Restful API 实现镜像上传\[1 分
使用OpenStack all-in-one 镜像,创建 OpenStack Python 运维开发环境。云主机的用户/ 密码为:"root/Abc@1234",OpenStack 的域名/账号/密码为:"demo/admin/000000"。 提示说明:python 脚本文件头建议加入"#encoding:utf-8"避免编码错误;测试脚本代码用 python3 命令执行与测试。 在 controller 节点的/root 目录下创建api_image_manager.py 脚本,编写 python 代码对接OpenStack API,完成镜像的创建与上传。创建之前查询是否存在"同名镜像",如果存在先删除该镜像。
(1)创建镜像:要求在 OpenStack 私有云平台中上传镜像cirros-0.3.4-x86_64-disk.img,名字为 cirros001,disk_format 为 qcow2,container_format 为bare。
(2)查询镜像:查询 cirros001 的详细信息,并以 json 格式文本输出到控制台。 完成后提交 OpenStack Python 运维开发环境Controller 节点的 IP 地址,用户名和密码提交。
1.执行api_image_manager.py 脚本,成功创建镜像,计 0.5 分
2.检查镜像状态正确,计 0.5 分
(1)基础环境准备,安装python3,已经需要的依赖
安装工具包
yum install gcc -y
yum install libffi-devel -y
yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel gcc make
安装python3
tar -xzvf Python-3.6.8.tgz
cd Python-3.6.8
./configure
make # 编译
make install # 编译安装
验证:
root@controller \~\]# python3 Python 3.6.8 (default, Oct 29 2023, 22:01:11) \[GCC 4.8.5 20150623 (Red Hat 4.8.5-4)\] on linux Type "help", "copyright", "credits" or "license" for more information. \[root@ controller \~\]# python3 --version Python 3.6.8 安装文件依赖包: ## 安装setuptools tar -zxvf setuptools-41.1.0.post1.tar.gz cd setuptools-41.1.0.post1/ python3 setup.py install ## 安装pip tar -zxvf pip-19.2.2.tar.gz cd pip-19.2.2 python3 setup.py install 验证pip \[root@controller pip-19.2.2\]# pip -V pip 19.2.2 from /usr/local/lib/python3.6/site-packages/pip-19.2.2-py3.6.egg/pip (python 3.6) #使用提供的whl文件安装依赖 \[root@controller \~\]# cd Python-api \[root@controller \~\]# pip3 install certifi-2019.11.28-py2.py3-none-any.whl \[root@controller \~\]# pip3 install urllib3-1.25.11-py3-none-any.whl \[root@controller \~\]# pip3 install idna-2.8-py2.py3-none-any.whl \[root@controller \~\]# pip3 install chardet-3.0.4-py2.py3-none-any.whl \[root@controller \~\]# pip3 install requests-2.24.0-py2.py3-none-any.whl (2)代码实现 \[root@controller \~\]# vi api_image_manager.py #encoding:utf-8 import requests,json,time def get_auth_token(controller_ip,domain,name,password): url = f"http://{controller_ip}:5000/v3/auth/tokens" body = { "auth": { "identity": { "methods": \['password'\], "password": { "user": { "domain": {"name": domain}, "name": name, "password": password, } } }, "scope": { "project": { "domain": {"name": domain}, "name": name } } } } headers = { "Content-Type": "application/json" } token = requests.post(url,headers=headers,data=json.dumps(body)).headers\['X-Subject-Token'
headers = {
"X-Auth-Token": token
}
print(f"token值为:{token}")
return headers
class image_manager:
def init (self,handers:dict,resUrl):
self.headers = handers
self.resUrl = resUrl
def create_image(self,image_name,disk_format,container_format):
body = {
"name": image_name,
"disk_format": disk_format,
"container_format": container_format,
}
req = requests.post(self.resUrl,headers=self.headers,data=json.dumps(body)).text
print(f"创建镜像的信息为:{req}")
return req
def get_image_id(self,name):
req = json.loads(requests.get(self.resUrl,headers=self.headers).text)
for image in req['images']:
if image['name'] == name:
return image['id']
return "NONE"
def upload_image(self,id,file_path:str):
url = self.resUrl + "/" + id + "/file"
self.headers["Content-Type"] = "application/octet-stream"
req = requests.put(url,headers=self.headers,data=open(file_path,'rb').read())
if req.status_code == 204:
print("上传镜像成功",req.status_code)
else:
print("上传镜像失败",req.status_code)
print(f"镜像上传信息:{req}")
return req
def get_image(self,id):
url = self.resUrl + "/" + id
req = json.loads(requests.get(self.resUrl,headers=self.headers).text)
print(f"获取到的镜像信息为:{req}")
return req
def delete_image(self,id):
url = self.resUrl + "/" + id
req = requests.delete(url,headers=self.headers)
print(f"删除信息:{req}")
return reqif name == "main ":
controller_ip = "192.168.100.10"
domain = "demo"
name = "admin"
password = "000000"
headers = get_auth_token(controller_ip, domain, name, password)
print(headers)
image_m = image_manager(headers,f"http://{controller_ip}:9292/v2/images")
#create
create_image = image_m.create_image("cirros001","qcow2","bare")
#get id
get_id = image_m.get_image_id("cirros001")
print(f"cirros001镜像ID为:{get_id}")
#upload
upload_image = image_m.upload_image(get_id,"/root/cirros-0.3.0-x86_64-disk.img ")
#get image
get_image = image_m.get_image(get_id)
with open("image_demo.json","w")as outfile:
json.dump(get_image,outfile,indent=4)【题目 4】Python 运维开发:基于 Openstack Python SDK 实现云主机创建[1 分]
使 用 已 建 好 的 OpenStack Python 运 维 开 发 环 境 ,在 /root 目 录 下 创 建sdk_server_manager.py 脚本,使用 python-openstacksdk Python 模块,完成云主机的创建和查询。创建之前查询是否存在"同名云主机",如果存在先删除该镜像。
(1)创建 1 台云主机:云主机信息如下:
云主机名称如下:server001
镜像文件:cirros-0.3.4-x86_64-disk.img
云主机类型:m1.tiny
网络等必要信息自己补充。
(2)查询云主机:查询云主机 server001 的详细信息,并以 json 格式文本输出到控制台。 完成后提交 OpenStack Python 运维开发环境 Controller 节点的 IP 地址,用户名和密码提交。
1.执行 sdk_server_manager.py 脚本,成功创建云主机,计 0.5 分
2.检查创建的云主机状态正确,计 0.5 分
(1)代码实现
创建云主机所需的镜像、类型、网络是用name来识别的,需要提前创建好
root@container \~\]# vi sdk_server_manager.py #encoding:utf-8 import json,logging import openstack #文档地址 ## https://docs.openstack.org/openstacksdk/latest/user/index.html def create_connection(auth_url, user_domain_name, username, password): """ 建立连接 """ return openstack.connect( auth_url=auth_url, user_domain_name=user_domain_name, username=username, password=password, ) #user Manager ## 参见文档 ## https://docs.openstack.org/openstacksdk/latest/user/guides/identity.html #openstack.connection.Connection #云主机管理 class server_manager: def __init__(self, connect): self.connect = connect def list_servers(self): """ 查询所有云主机. """ #to json items = self.connect.compute.servers() server_jsons = {} for server in items: server_jsons[server['name']] = server # return "" return items# json.dumps(server_jsons,indent=2,skipkeys=True) def create_server(self, server_name, image_name, flavor_name,networ_name): image = self.connect.compute.find_image(image_name) flavor = self.connect.compute.find_flavor(flavor_name) network = self.connect.network.find_network(networ_name) server = self.connect.compute.create_server( name=server_name, image_id=image.id, flavor_id=flavor.id, networks=[{"uuid": network.id}]) result = self.connect.compute.wait_for_server(server) return result#json.dumps(result,indent=2,skipkeys=True) def delete_server(self, server_name): """ 删除云主机 """ server = self.connect.compute.find_server(server_name) result = self.connect.compute.delete_server(server) return json.dumps(result, indent=2, skipkeys=True) def get_server(self, server_name): """ 获取云主机 """ server = self.connect.compute.find_server(server_name) if server: return json.dumps(server, indent=2, skipkeys=True) else: return None class image_manager: def __init__(self, connect): self.connect = connect def list_images(self): """ 查询所有镜像 """ #to json items = self.connect.compute.images() images_jsons = {} for image in items: images_jsons[image['name']] = image return json.dumps(images_jsons,indent=2) def get_image(self, image_name:str): """ 查询镜像 """ #to json image = self.connect.compute.find_image(image_name) return json.dumps(image,indent=2) class flavor_manager: def __init__(self, connect): self.connect = connect def list_flavors(self): """ 查询所有云主机类型 """ #to json items = self.connect.compute.flavors() flavors_jsons = {} for flavor in items: flavors_jsons[flavor['name']] = flavor return json.dumps(flavors_jsons,indent=2) def get_flavor(self, flavor_name:str): """ 根据名称获取云主机类. """ #to json flavor = self.connect.compute.find_flavor(flavor_name) return json.dumps(flavor,indent=2) class network_manager: def __init__(self, connect): self.connect = connect def list_networks(self): """ 查询所有网络. """ #to json items = self.connect.network.networks() items_jsons = {} for network in items: items_jsons[network['name']] = network return json.dumps(items_jsons,indent=2) def get_network(self, network_name:str): """ 跟名称查询网络. """ #to json flavor = self.connect.compute.find_network(network_name) return json.dumps(flavor,indent=2) if **name** == '**main**': # Initialize connection(通过配置文件) # controller_ip = "10.24.2.22" controller_ip = "controller" auth_url = "http://controller:5000/v3/" username = "admin" password = "000000" user_domain_name = 'demo' conn = create_connection(auth_url, user_domain_name, username, password) sdk_m = server_manager(conn) server = sdk_m.get_server("server001") if server: result = sdk_m.delete_server("server001") print("servers:", result) #2 创建云主机 print("creat server--------") servers = sdk_m.create_server("server001","cirros001","m1.tiny","net") print("servers:", servers) #6 查询云主机 server_info = sdk_m.get_server("server001") print(server_info) 创建网络,命令如下: \[root@controller \~\]# source /etc/keystone/admin-openrc.sh \[root@controller \~\]# openstack network create --provider-network-type vlan --provider-physical-network provider --provider-segment 10 --project admin net \[root@controller \~\]# NET="111.111.10.0/24" \[root@controller \~\]# ID=$(openstack network list --project admin \|grep -v ID \|grep net \|awk -F "\| " {'print $2'}) \[root@controller \~\]# openstack subnet create --project admin --subnet-range $NET --dhcp --network $ID ext-subnet 执行sdk_server_manager.py文件: \[root@controller \~\]# python3 sdk_server_manager.py -----------------------------------------执行结果----------------------------- #创建云主机的信息为:{"server": {"security_groups": \[{"name": "default"}\], "OS-DCF:diskConfig": "MANUAL", "id": "f295eb8d-52a0-4e21-ba86-6 4ba8c3e6359", "links": \[{"href": "http://192.168.106.10:8774/v2.1/servers/f295eb8d-52a0-4e21-ba86-64ba8c3e6359", "rel": "self"}, {"href": "http://192.168.106.10:8774/servers/f295eb8d-52a0-4e21-ba86-64ba8c3e6359", "rel": "bookmark"}\], "adminPass": "oTs5jHFwkbWy"}} 【题目 5】Python 运维开发:云主机类型管理的命令行工具开发\[2 分
使用已建好的 OpenStack Python 运维开发环境,在/root 目录下创建 flavor_manager.py 脚本,完成云主机类型的管理,flavor_manager.py 程序支持命令行参数执行。提示说明:Python 标准库argparse 模块,可以提供命令行参数的解析。要求如下:
(1)程序支持根据命令行参数,创建 1 个多云主机类型。返回 response。位置参数"create",表示创建; 参数"-n"支持指定 flavor 名称,数据类型为字符串类型; 参数"-m"支持指定内存大小,数据类型为 int,单位 M; 参数"-v"支持指定虚拟 cpu 个数,数据类型为 int; 参数"-d"支持磁盘大小,内存大小类型为 int,单位 G; 参数"-id"支持指定 ID,类型为字符串。 参考运行实例: python3 flavor_manager.py create -n flavor_small -m 1024 -v 1 -d 10 -id 100000
(2)程序支持查询目前 admin 账号下所有的云主机类型。位置参数"getall",表示查询所有云主机类型; 查询结果,以 json 格式输出到控制台。参考执行实例如下: python3 flavor_manager.py getall
(3)支持查询给定具体名称的云主机类型查询。位置参数"get",表示查询 1 个云主机类型; 参数"-id"支持指定 ID 查询,类型为 string。 控制台以 json 格式输出创建结果。 参考执行实例如下: python3 flavor_manager.py get -id 100000
(4)支持删除指定的 ID 云主机类型。 位置参数"delete",表示删除一个云主机类型; 参数"-id"支持指定 ID 查询,返回 response,控制台输出response。参考执行实例如下: python3 flavor_manager.py delete -id 100001
暂无
1.执行 flavor_manager.py 脚本,指定 create 和配置参数,成功创建 1 个云主机类型,计 0.5 分; 2.执行 flavor_manager.py 脚本,指定 getall 参数,成功查询所有云主机类型,计 0.5 分;
3.执行 flavor_manager.py 脚本,指定 get 和配置参数,成功查询具体名称的云主机类型,计 0.5 分;
4.执行 flavor_manager.py 脚本,指定 delete 和配置参数,成功删除指定 ID 云主机类型,计 0.5 分。
api_flavor_manager.py:
import requests,json,time
import logging
#-----------logger-----------
#get logger
logger = logging.getLogger(name)
level
logger.setLevel(logging.DEBUG)
format
format = logging.Formatter('%(asctime)s %(message)s')
to console
stream_handler = logging.StreamHandler()
stream_handler .setFormatter(format)
logger.addHandler(stream_handler )
#-----------logger-----------
def get_auth_token(controller_ip, domain, user, password):
try:
url = f"http://{controller_ip}:5000/v3/auth/tokens"
body = {
"auth": {
"identity": {
"methods": [
"password"
],
"password": {
"user": {
"domain": {
"name": domain
},
"name": user,
"password": password
}
}
},
"scope": {
"project": {
"domain": {
"name": domain
},
"name": user
}
}
}
}
headers = {
"Content-Type": "application/json",
}
print(body)
Token = requests.post(url, data=json.dumps(body), headers=headers).headers['X-Subject-Token']
headers = {
"X-Auth-Token": Token
}
logger.debug(f"获取Token值:{str(Token)}")
return headers
except Exception as e:
logger.error(f"获取Token值失败,请检查访问云主机控制节点IP是否正确?输出错误信息如下:{str(e)}")
exit(0)class flavor_manager:
def __init__(self,handers:dict,resUrl:str):
self.headers=handers
self.resUrl=resUrl
#创建flavor类型
def create_flavor(self,flavor_name:str,ram,vcpus,disk,id):
self.headers['Content-Type']="application/json"
body={
"flavor":{
"name":flavor_name,
"ram":ram,
"vcpus":vcpus,
"disk":disk,
"id":id,
}
}
logger.debug(f"创建flavor请求body:{str(body)}")
status_code = requests.post(self.resUrl, data=json.dumps(body), headers=self.headers).text
logger.debug(f"返回状态:{str(status_code)}")
return status_code
#获取all flavors
def get_flavors(self):
result = json.loads(requests.get(self.resUrl,headers=self.headers).text)
logger.debug(f"返回信息:{str(result)}")
return result
# 获取flavor_id
def get_flavor(self, id:str):
api_url = self.resUrl + "/"+id
result = json.loads(requests.get(api_url, headers=self.headers).text)
logger.debug(f"返回信息:{str(result)}")
return result
def delete_flavor(self, id:str):
api_url = self.resUrl + "/"+id
response = requests.delete(api_url, headers=self.headers)
#Normal response codes: 202 without return text
if response.status_code == 202:
return {"itemDeletedSuccess": response.status_code}
result = json.loads(response.text)
logger.debug(f"返回信息:{str(result)}")
return result
#http://192.168.200.226:8774/v2.1/ get apis version infomation.
def update_flavor_desc(self, id: str, desc:str):
# 特别注意:This API is available starting with microversion 2.55.
self.headers['X-OpenStack-Nova-API-Version'] = "2.55"
self.headers['Content-Type'] = "application/json"
body = {
"flavor": {
"description": desc
}
}
api_url = self.resUrl + "/" + id
response = requests.put(api_url, data=json.dumps(body), headers=self.headers)
# Normal response codes: 202 without return text
if response.status_code == 202:
return {"itemUpdateSuccess": response.status_code}
result = json.loads(response.text)
logger.debug(f"返回信息:{str(result)}")
return resultif name == 'main ':
controller_ip = "controller"
domain = "demo"
user = "admin"
password = "000000"
headers = get_auth_token(controller_ip, domain, user, password)
flavor_m = flavor_manager(headers, f"http://{controller_ip}:8774/v2.1/flavors")
#1 查所有
flavors = flavor_m.get_flavors()print("查询所有flavors:", flavors)
flavor_manager.py:
#encoding:utf-8
import argparse
import api_flavor_manager
1. openstack allinone (controller ) credentials
host ip address
controller_ip = "10.24.2.22"
controller_ip = "controller"
domain name
domain = "demo"
user name
user = "admin"
user password
password = "000000"
headers = api_flavor_manager.get_auth_token(controller_ip,domain,user,password)
print("headers:", headers)
#. get token
flavor_m = api_flavor_manager.flavor_manager(headers, "http://controller:8774/v2.1/flavors")
def define_args(parser):
"""
定义程序支持的args
:return:
"""
parser = argparse.ArgumentParser()
#增加控制命令(postion 位置参数,必须)
parser.add_argument('command',
help='Resource command name',
type=str)
# parser.add_argument('delete',
# help='delete a resource',
# type=str)
#可选参数(可有可无)
parser.add_argument('-n', '--name', # 可选参数,删除的名称
help='The Name of the resource', # 输入-h展示
type=str)
parser.add_argument('-o', '--output', # 可选参数,删除的名称
help='The output file path ', # 输入-h展示
type=str)
parser.add_argument('-m', '--memory', # 可选参数,删除的名称
help='The Name of the resource', # 输入-h展示
type=str)
parser.add_argument('-v', '--vcpu', # 可选参数,删除的名称
help='The Name of the resource', # 输入-h展示
type=str)
parser.add_argument('-d', '--disk', # 可选参数,删除的名称
help='The Name of the resource', # 输入-h展示
type=str)
parser.add_argument('-id', '--id', # 可选参数,删除的名称
help='The Name of the resource', # 输入-h展示
type=str)def parse_args(parser):
args = parser.parse_args()
if args.command:
if args.command == "create":
print("create some thing")
create_flavor(args)
elif args.command == "getall":
print("getall some thing")
getall_flavor(args)
elif args.command == "get":
print("get some thing")
get_flavor(args)
elif args.command == "delete":
print("delete some thing")
delete_flavor(args)
else:
print("Note support command name!")def create_flavor(args):
print('Provided command value is %r.' % args.command)
print('Provided name value is %r.' % args.name)
print('Provided memory value is %r.' % args.memory)
print('Provided vcpu value is %r.' % args.vcpu)
print('Provided disk value is %r.' % args.disk)
print('Provided id value is %r.' % args.id)
result = flavor_m.create_flavor(args.name,args.memory,args.vcpu,args.disk,args.id)
print(result)
def delete_flavor(args):
print('Provided command value is %r.' % args.command)
print('Provided id value is %r.' % args.id)
result = flavor_m.delete_flavor(args.id)
print(result)
def getall_flavor(args):
print('Provided command value is %r.' % args.command)
result = flavor_m.get_flavors()
print(result)
def get_flavor(args):
print('Provided command value is %r.' % args.command)
print('Provided id value is %r.' % args.id)
result = flavor_m.get_flavor(args.id)
print(result)
if name == 'main ':
parser = argparse.ArgumentParser()
define_args(parser)
parse_args(parser)
-------------------------------------------执行结果--------------------------------
{'auth': {'identity': {'methods': ['password'], 'password': {'user': {'domain': {'name': 'demo'}, 'name': 'admin', 'password': '000000'}}}, 'scope': {'project': {'domain': {'name': 'demo'}, 'name': 'admin'}}}}
【题目 6】Python 运维开发:用户管理的命令行工具开发[2 分]
使用已建好的OpenStack Python 运维开发环境,在/root 目录下创建 user_manager.py 脚本,完成用户管理功能开发,user_manager.py 程序支持命令行带参数执行。 提示说明:Python 标准库argparse 模块,可以提供命令行参数的解析。
(1)程序支持根据命令行参数,创建 1 个用户。位置参数"create",表示创建; 参数"-i 或--input",格式为 json 格式文本用户数据。查询结果,以 json 格式输出到控制台。 参考执行实例如下: python3 user_manager.py create --input '{ "name": "user01", "password": "000000", "description": "description" } '
(2)支持查询给定具体名称的用户查询。 位置参数"get",表示查询 1 个用户; 参数"-n 或 --name"支持指定名称查询,类型为 string。 参数"-o 或 output"支持查询该用户信息输出到文件,格式为json 格式。参考执行实例如下: python3 user_manager.py get --name user01-o user.json
(3)程序支持查询目前 admin 账号下所有的用户。位置参数"getall",表示查询所有用户; 参数"-o 或--output"支持输出到文件,格式为 yaml 格式。参考执行实例如下: python3 user_manager.py getall -o openstack_all_user.yaml
(4)支持删除指定的名称的用户。 位置参数"delete",表示删除一个用户;返回 response,通过控制台输出。参数"-n 或--name"支持指定名称查询,类型为 string。 参考执行实例如下: python3 user_manager.py delete -name user01
暂无
1.执行user_manager.py 脚本,指定 create 和配置参数,成功创建 1 个用户,计 0.5 分;
2.执行user_manager.py 脚本,指定 get 和配置参数,成功查询具体名称的用户,计 0.5 分;
3.执行user_manager.py 脚本,指定 getall 和配置参数,成功查询 admin 账号下的所有用户, 计 0.5 分;
4.执行user_manager.py 脚本,指定 delete 和配置参数,成功删除指定名称的用户,计 0.5 分
api_user_manager.py:
encoding:utf-8
import requests, json, time
import logging
-----------logger-----------
get logger
logger = logging.getLogger(name)
level
logger.setLevel(logging.DEBUG)
format
format = logging.Formatter('%(asctime)s %(message)s')
to console
stream_handler = logging.StreamHandler()
stream_handler.setFormatter(format)
logger.addHandler(stream_handler)
-----------logger-----------
def get_auth_token(controller_ip, domain, user, password):
'''
:param controller_ip: openstack master ip address
:param domain: current user's domain
:param user: user name
:param password: user password
:return: keystoen auth Token for current user.
'''
try:
url = "http://controller:5000/v3/auth/tokens"
body = {
"auth": {
"identity": {
"methods": [
"password"
],
"password": {
"user": {
"domain": {
"name": domain
},
"name": user,
"password": password
}
}
},
"scope": {
"project": {
"domain": {
"name": domain
},
"name": user
}
}
}
}
headers = {
"Content-Type": "application/json",
}
print(body)
Token = requests.post(url, data=json.dumps(body), headers=headers).headers['X-Subject-Token']
headers = {
"X-Auth-Token": Token
}
logger.debug(f"获取Token值:{str(Token)}")
return headers
except Exception as e:
logger.error(f"获取Token值失败,请检查访问云主机控制节点IP是否正确?输出错误信息如下:{str(e)}")
exit(0)用户管理
https://docs.openstack.org/api-ref/identity/v3/index.html#users
class user_manager:
def init (self, handers: dict, resUrl: str):
self.headers = handers
self.resUrl = resUrl
# POST /v3/users Create user
def create_users(self, user_name, password: str, desc: str):
"""
create a user with name and password and description.
"""
body = {
"user": {
"name": user_name,
"password": password,
"description": desc,
}
}
status_code = requests.post(self.resUrl, data=json.dumps(body), headers=self.headers).text
logger.debug(f"返回状态:{str(status_code)}")
return status_code
# /v3/users # List all users
def get_users(self):
"""
get user
"""
status_code = requests.get(self.resUrl, headers=self.headers).text
logger.debug(f"返回状态:{str(status_code)}")
return status_code
def get_user_id(self, user_name):
"""
get user id by name.
"""
result = json.loads(requests.get(self.resUrl, headers=self.headers).text)
user_name = user_name
for item in result['users']:
if item['name'] == user_name:
return item['id']
return "NONE"
def get_user(self, id: str):
"""
get a flavor by id.
"""
api_url = self.resUrl + "/" + id
result = json.loads(requests.get(api_url, headers=self.headers).text)
logger.debug(f"返回信息:{str(result)}")
return result
def delete_user(self, name: str):
"""
delete a user by id.
"""
id = self.get_user_id(name)
api_url = self.resUrl + "/" + id
response = requests.delete(api_url, headers=self.headers)
# 204 - No Content The server has fulfilled the request.
if response.status_code == 204:
return {"User itemDeletedSuccess": response.status_code}
result = json.loads(response.text)
logger.debug(f"返回信息:{str(result)}")
return result
# http://192.168.200.226:8774/v2.1/ get apis version infomation.
def update_User_password(self, id: str, original_password: str, new_password: str):
"""
update a flavor desc by id.
"""
self.headers['Content-Type'] = "application/json"
body = {
"user": {
"password": new_password,
"original_password": original_password
}
}
api_url = self.resUrl + "/" + id + "/password"
response = requests.post(api_url, data=json.dumps(body), headers=self.headers)
# Normal response codes: 204 without return text
if response.status_code == 204:
return {"item Update Password Success": response.status_code}
result = json.loads(response.text)
logger.debug(f"返回信息:{str(result)}")
return resultif name == 'main ':
1. openstack allinone (controller ) credentials
host ip address
controller_ip = "10.24.2.22"
controller_ip = "controller"
controller_ip = "10.24.2.22"
domain name
domain = "demo"
user name
user = "admin"
user password
password = "000000"
headers = get_auth_token(controller_ip, domain, user, password)
print("headers:", headers)
get all user
user_m = user_manager(headers, "http://controller:5000/v3/users")
1 查询所有
users = user_m.get_users()
print("查询所有users:", users)
user_manager.py:
#encoding:utf-8
import argparse
import api_user_manager
import json
import csv
import yaml
1. openstack allinone (controller ) credentials
host ip address
controller_ip = "10.24.2.22"
controller_ip = "controller"
controller_ip = "10.24.2.22"
domain name
domain = "demo"
user name
user = "admin"
user password
password = "000000"
headers = api_user_manager.get_auth_token(controller_ip, domain, user, password)
print("headers:", headers)
get all user
user_m = api_user_manager.user_manager(headers, "http://controller:5000/v3/users")
print("-----------begin-----------------")
def define_args(parser):
"""
定义程序支持的args
:return:
"""
parser = argparse.ArgumentParser()
#增加控制命令(postion 位置参数,必须)
parser.add_argument('command',
help='Resource command name',
type=str)
# parser.add_argument('delete',
# help='delete a resource',
# type=str)
#可选参数(可有可无)
parser.add_argument('-n', '--name', # 可选参数,删除的名称
help='The Name of the resource', # 输入-h展示
type=str)
parser.add_argument('-i', '--input', # 可选参数,删除的名称
help='The input json format text ', # 输入-h展示
type=str)
parser.add_argument('-o', '--output', # 可选参数,删除的名称
help='The output file path ', # 输入-h展示
type=str)def parse_args(parser):
args = parser.parse_args()
if args.command:
if args.command == "create":
print("create some thing")
create_user(args)
elif args.command == "getall":
print("getall some thing")
getall_users(args)
elif args.command == "get":
print("get some thing")
get_user(args)
elif args.command == "delete":
print("delete some thing")
delete_user(args)
else:
print("Note support command name!")
def create_user(args):
print('Provided command value is %r.' % args.command)
print('Provided input value is %r.' % args.input)
print('Provided output value is %r.' % args.output)
output_file = args.output
user_name, password: str, desc: str):
user_dict = json.loads(args.input)
result = user_m.create_users(user_dict["name"],user_dict["password"],user_dict["description"])
# 写出json文件
print("--------write to json---------:", result)
print(result)def delete_user(args):
print('Provided command value is %r.' % args.command)
print('Provided input value is %r.' % args.input)
print('Provided output value is %r.' % args.output)
result = user_m.delete_user(args.name)
print(result)
def getall_users(args):
print('Provided command value is %r.' % args.command)
print('Provided input value is %r.' % args.input)
print('Provided output value is %r.' % args.output)
print(type(args.input))
result = user_m.get_users()
output_file = args.output
写出json文件
print("--------result---------")
print(result)
configuration = json.loads(result)
写出yaml (dict)
with open(output_file, 'w') as yaml_file:
yaml.dump(configuration, yaml_file)
print(result)def get_user(args):
print('Provided command value is %r.' % args.command)
print('Provided input value is %r.' % args.input)
print('Provided output value is %r.' % args.output)
id = user_m.get_user_id(args.name)
result = user_m.get_user(id)
output_file = args.output
写出json文件
with open(output_file, 'w') as jsonfile:
json.dump(result, jsonfile, indent=4)
print(result)
if name == 'main ':
import sys
print(sys.argv)
parser = argparse.ArgumentParser()
define_args(parser)
parse_args(parser)
----------------------------------------------执行结果------------------------------------
root@controller python\]# python3 user_manager.py create --input '{ "name": "user01", "password": "000000", "description": "description" } ' {'auth': {'identity': {'methods': \['password'\], 'password': {'user': {'domain': {'name': 'demo'}, 'name': 'admin', 'password': '000000'}}}, 'scope': {'project': {'domain': {'name': 'demo'}, 'name': 'admin'}}}} 2022-10-11 17:39:22,843 获取Token值:gAAAAABjRTnKtdV9oDS_VfNDp8qtRC_sEElsQwJGqJTST8LHtqJUahTJtf8MVDa2Nplrjwo6_18D_Hm85j99D9G1TMq7jKEPqAynBx5nGkTXggQWJ-WJdPxad_e3qsrwfeL3JOqDK3RSHEkhZ1k1EQKWl3nxgMBhycHDs_3-CA4Cyfcmi9S15pQ headers: {'X-Auth-Token': 'gAAAAABjRTnKtdV9oDS_VfNDp8qtRC_sEElsQwJGqJTST8LHtqJUahTJtf8MVDa2Nplrjwo6_18D_Hm85j99D9G1TMq7jKEPqAynBx5nGkTXggQWJ-WJdPxad_e3qsrwfeL3JOqDK3RSHEkhZ1k1EQKWl3nxgMBhycHDs_3-CA4Cyfcmi9S15pQ'} -----------begin----------------- \['user_manager.py', 'create', '--input', '{ "name": "user01", "password": "000000", "description": "description" } '
create some thing
Provided command value is 'create'.
Provided input value is '{ "name": "user01", "password": "000000", "description": "description" } '.
Provided output value is None.
2022-10-11 17:39:23,137 返回状态:{"user": {"description": "description", "name": "user01", "domain_id": "default", "enabled": true, "links": {"self": "http://controller:5000/v3/users/01eebcdbcbf24bc4a5435f1dcd0949a7"}, "options": {}, "id": "01eebcdbcbf24bc4a5435f1dcd0949a7", "password_expires_at": null}}
--------write to json---------: {"user": {"description": "description", "name": "user01", "domain_id": "default", "enabled": true, "links": {"self": "http://controller:5000/v3/users/01eebcdbcbf24bc4a5435f1dcd0949a7"}, "options": {}, "id": "01eebcdbcbf24bc4a5435f1dcd0949a7", "password_expires_at": null}}
{"user": {"description": "description", "name": "user01", "domain_id": "default", "enabled": true, "links": {"self": "http://controller:5000/v3/users/01eebcdbcbf24bc4a5435f1dcd0949a7"}, "options": {}, "id": "01eebcdbcbf24bc4a5435f1dcd0949a7", "password_expires_at": null}}