|
前面已经先容了OpenStack假造机从Nova Metadata处事获取metadata的进程。偶然辰我们也许必要调试假造机的metadata信息,验证转达的数据是否正确,而又嫌贫困不但愿进入假造机内部去调试。有什么要领可以或许直接挪用nova-api-metadata处事获取假造机信息呢。
按照前面先容的道理,我写了两个剧本实现:
第一个Python剧本sign_instance.py用于天生secret:
- sign_instance.py
-
- import six
- import sys
- import hmac
- import hashlib
-
- def sign_instance_id(instance_id, secret=''):
- if isinstance(secret, six.text_type):
- secret = secret.encode('utf-8')
- if isinstance(instance_id, six.text_type):
- instance_id = instance_id.encode('utf-8')
- return hmac.new(secret, instance_id, hashlib.sha256).hexdigest()
- print(sign_instance_id(sys.argv[1]))
第二个bash剧本get_metadata.py实现获取假造机metadata:
- #!/bin/bash
- metadata_server=http://192.168.1.16:8775
- metadata_url=$metadata_server/openstack/latest
- instance_id=$1
- data=$2
- if [[ -z $instance_id ]]; then echo "Usage: $0 <instance_id>"
- exit 1
- fi tenant_id=$(nova show $instance_id | awk '/tenant_id/{print $4}')
- sign_instance_id=$(python sign_instance.py $instance_id)
- curl -sL -H "X-Instance-ID:$instance_id" -H "X-Instance-ID-Signature:$sign_instance_id" -H "X-Tenant-ID:$tenant_id" $metadata_url/$data
个中metadata_server为Nova Metadata处事地点。
用法如下:
- # ./get_metadata.sh daf32a70-42c9-4d30-8ec5-3a5d97582cff
- meta_data.json
- password
- vendor_data.json
- network_data.json
- # ./get_metadata.sh daf32a70-42c9-4d30-8ec5-3a5d97582cff network_data.json | python -m json.tool
- {
- "links": [
- {
- "ethernet_mac_address": "fa:16:3e:e8:81:9b",
- "id": "tap28468932-9e",
- "mtu": 1450,
- "type": "ovs",
- "vif_id": "28468932-9ea0-43d0-b699-ba19bf65cae3"
- }
- ],
- "networks": [
- {
- "id": "network0",
- "link": "tap28468932-9e",
- "network_id": "2c4b658c-f2a0-4a17-9ad2-c07e45e13a8a",
- "type": "ipv4_dhcp"
- }
- ],
- "services": []
- }
5 总结
最后通过一张事变流图总结:
(编辑:湖南网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|
