Client for OpenStack services
Go to file
Tony Breeds deab1a7ad8 Update the underlying python containers to "3.10-bookworm"
The existing 3.9 is based on debian buster and isn't getting security
updates ... or any updates really.  This change updates to a base
container that will get updates for a while.

I picked 3.10 rather than 3.11 as 3.10 is part of the bobcat[1]

[1] https://governance.openstack.org/tc/reference/runtimes/2023.2.html

Change-Id: I606389a81ab189b1abf2c700acf5c5543a09165a
2023-07-18 20:24:53 +10:00
doc volume: Add 'volume qos set --no-property' option 2023-05-17 16:50:16 +01:00
examples Blacken everything else 2023-05-10 10:51:30 +01:00
openstackclient Merge "Allow multiple --remove-tag in project set" 2023-07-05 11:07:48 +00:00
releasenotes Fix "access rule" commands to only use ID 2023-06-05 12:03:15 -04:00
.coveragerc Excluding test code from coverage reports 2023-01-04 11:00:47 +00:00
.git-ignore-blame-revs Ignore black changes 2023-05-10 10:51:30 +01:00
.gitignore Updates for stestr 2017-09-15 06:32:58 +00:00
.gitreview OpenDev Migration Patch 2019-04-19 19:45:05 +00:00
.mailmap Clean up test environment and remove unused imports. 2013-01-22 11:44:18 -06:00
.pre-commit-config.yaml pre-commit: Enable black 2023-05-10 10:51:30 +01:00
.stestr.conf Updates for stestr 2017-09-15 06:32:58 +00:00
.zuul.yaml Update the underlying python containers to "3.10-bookworm" 2023-07-18 20:24:53 +10:00
bindep.txt Fix gate due to switch to focal 2020-09-11 10:25:56 +02:00
CONTRIBUTING.rst [community goal] Update contributor documentation 2021-08-30 17:13:12 +00:00
Dockerfile Update the underlying python containers to "3.10-bookworm" 2023-07-18 20:24:53 +10:00
HACKING.rst hacking: Remove references to encoding 2021-04-01 14:16:22 +00:00
LICENSE Remove LICENSE APPENDIX 2015-11-18 13:25:56 +09:00
README.rst Moving IRC network reference to OFTC 2021-07-07 19:43:00 -05:00
requirements.txt compute: Generate SSH keypairs ourselves 2023-05-02 12:18:52 +01:00
setup.cfg Adding `image import` command 2023-04-12 09:42:43 +00:00
setup.py Blacken everything else 2023-05-10 10:51:30 +01:00
test-requirements.txt Remove invalid note from requirements files 2022-08-24 11:03:52 +01:00
tox.ini tox: Disable E501 2023-05-31 17:39:59 +01:00

Team and repository tags

image

OpenStackClient

Latest Version

OpenStackClient (aka OSC) is a command-line client for OpenStack that brings the command set for Compute, Identity, Image, Network, Object Store and Block Storage APIs together in a single shell with a uniform command structure.

The primary goal is to provide a unified shell command structure and a common language to describe operations in OpenStack.

Getting Started

OpenStack Client can be installed from PyPI using pip:

pip install python-openstackclient

There are a few variants on getting help. A list of global options and supported commands is shown with --help:

openstack --help

There is also a help command that can be used to get help text for a specific command:

openstack help
openstack help server create

If you want to make changes to the OpenStackClient for testing and contribution, make any changes and then run:

python setup.py develop

or:

pip install -e .

Configuration

The CLI is configured via environment variables and command-line options as listed in https://docs.openstack.org/python-openstackclient/latest/cli/authentication.html.

Authentication using username/password is most commonly used:

  • For a local user, your configuration will look like the one below:

    export OS_AUTH_URL=<url-to-openstack-identity>
    export OS_IDENTITY_API_VERSION=3
    export OS_PROJECT_NAME=<project-name>
    export OS_PROJECT_DOMAIN_NAME=<project-domain-name>
    export OS_USERNAME=<username>
    export OS_USER_DOMAIN_NAME=<user-domain-name>
    export OS_PASSWORD=<password>  # (optional)

    The corresponding command-line options look very similar:

    --os-auth-url <url>
    --os-identity-api-version 3
    --os-project-name <project-name>
    --os-project-domain-name <project-domain-name>
    --os-username <username>
    --os-user-domain-name <user-domain-name>
    [--os-password <password>]
  • For a federated user, your configuration will look the so:

    export OS_PROJECT_NAME=<project-name>
    export OS_PROJECT_DOMAIN_NAME=<project-domain-name>
    export OS_AUTH_URL=<url-to-openstack-identity>
    export OS_IDENTITY_API_VERSION=3
    export OS_AUTH_PLUGIN=openid
    export OS_AUTH_TYPE=v3oidcpassword
    export OS_USERNAME=<username-in-idp>
    export OS_PASSWORD=<password-in-idp>
    export OS_IDENTITY_PROVIDER=<the-desired-idp-in-keystone>
    export OS_CLIENT_ID=<the-client-id-configured-in-the-idp>
    export OS_CLIENT_SECRET=<the-client-secred-configured-in-the-idp>
    export OS_OPENID_SCOPE=<the-scopes-of-desired-attributes-to-claim-from-idp>
    export OS_PROTOCOL=<the-protocol-used-in-the-apache2-oidc-proxy>
    export OS_ACCESS_TOKEN_TYPE=<the-access-token-type-used-by-your-idp>
    export OS_DISCOVERY_ENDPOINT=<the-well-known-endpoint-of-the-idp>

    The corresponding command-line options look very similar:

    --os-project-name <project-name>
    --os-project-domain-name <project-domain-name>
    --os-auth-url <url-to-openstack-identity>
    --os-identity-api-version 3
    --os-auth-plugin openid
    --os-auth-type v3oidcpassword
    --os-username <username-in-idp>
    --os-password <password-in-idp>
    --os-identity-provider <the-desired-idp-in-keystone>
    --os-client-id <the-client-id-configured-in-the-idp>
    --os-client-secret <the-client-secred-configured-in-the-idp>
    --os-openid-scope <the-scopes-of-desired-attributes-to-claim-from-idp>
    --os-protocol <the-protocol-used-in-the-apache2-oidc-proxy>
    --os-access-token-type <the-access-token-type-used-by-your-idp>
    --os-discovery-endpoint <the-well-known-endpoint-of-the-idp>

If a password is not provided above (in plaintext), you will be interactively prompted to provide one securely.