Machine Credentials
Machine Credentials contain the necessary information for logging into remote hosts as well as how to escalate privileges (sudo/su).
| Managing Machine Credentials | URL |
|---|---|
Get a machine credential object by ID |
|
Get a list of machine credentials |
|
Create a machine credential |
|
Update a machine credential |
|
Delete a machine credential |
Managing Machine Credentials
Machine Credential
{
"id": <value>,
"name": <value>,
"login-name": <value>,
"login-password": <value>,
"ssh-private-key": <value>,
"ssh-unlock": <value>
"become-mode": <value>,
"become-user": <value>,
"become-password": <value>,
"use-ssh-keys": <value>,
"comment": <value>
}| Property | Description of Values |
|---|---|
id |
A UUID for the Machine Credential. |
name |
A human-readable name for the credential. Required. |
login-name |
The username that is used to log in to target nodes over SSH. Required. |
login-password |
The password that is used to log in to target nodes over SSH, if using password authentication. |
ssh-private-key |
The private-key that is used to log in to target nodes over SSH, if using key-based authentication. Must be in OpenSSH format, which is commonly used when creating keys using the OpenSSH |
ssh-unlock |
The ssh passphrase required to unlock the key, if the private key requires one. |
become-mode |
The privilege-escalation mechanism to obtain super-user privileges on target nodes. Can be sudo, su, or direct (if login-name already has super-user privs). Defaults to direct. |
become-user |
The name of the super-user on target nodes whose privileges will be assumed. Required if become-mode is |
become-password |
The password that is used in response to |
use-ssh-keys |
Ignored. Optional. |
comment |
A comment that describes the credential. Optional. |
|
For security reasons, passwords and other sensitive fields are not returned in response objects. |
GET /api/v2/lcm/machine_credentials/{id}
Gets a specific machine credentials record by ID.
Path arguments: id: A Machine Credential ID.
Returns a Machine Credential object.
Example:
curl http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3Output:
{
"become-user": null,
"become-mode": "sudo",
"created-on": "2016-06-20T21:00:41.405Z",
"type": "machine-credential",
"related-resources": {
"datacenters": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/datacenters/",
"nodes": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/nodes/",
"clusters": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/clusters/"
},
"modified-by": "system",
"modified-on": "2016-06-20T21:00:41.405Z",
"name": "my cluster creds",
"use-ssh-keys": false,
"comment": null,
"login-user": "johndoe",
"id": "ba908cb4-9116-4cf9-abe6-694ad75b70d3",
"href": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3",
"created-by": "system"
}GET /api/v2/lcm/machine_credentials/
Gets a paginated list of all Machine Credential records. See Paginated Results for an overview of the query string parameters that can be used.
Example:
curl http://localhost:8888/api/v2/lcm/machine_credentials/Output:
{
"next": null,
"previous": null,
"last": 1,
"count": 1,
"per-page": 50,
"current": 1,
"results": [
{
"created-on": "2016-06-20T21:00:41.405Z",
"type": "machine-credential",
"related-resources": {
"datacenters": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/datacenters/",
"nodes": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/nodes/",
"clusters": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/clusters/"
},
"modified-on": "2016-06-20T21:00:41.405Z",
"name": "my cluster creds",
"login-user": "johndoe",
"id": "ba908cb4-9116-4cf9-abe6-694ad75b70d3",
"href": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3"
}
]
}[[method-post-machine-credential-object"]] === POST /api/v2/lcm/machine_credentials/
Creates a new machine credential object.
Body: A Machine Credential object (with no ID property).
Returns the newly created Machine Credential object.
Example:
Input:
{
"become-mode":"sudo",
"use-ssh-keys":false,
"name":"my cluster creds",
"login-user":"johndoe",
"login-password":"foo",
"become-password":"foo",
"ssh-private-key":null,
"ssh-unlock":null,
"become-user":null
} curl -X POST -d '<example input>' http://localhost:8888/api/v2/lcm/machine_credentials/Output:
{
"become-user": null,
"become-mode": "sudo",
"created-on": "2016-06-20T21:00:41.405Z",
"type": "machine-credential",
"related-resources": {
"datacenters": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/datacenters/",
"nodes": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/nodes/",
"clusters": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/clusters/"
},
"modified-by": "system",
"modified-on": "2016-06-20T21:00:41.405Z",
"name": "my cluster creds",
"use-ssh-keys": false,
"comment": null,
"login-user": "johndoe",
"id":
"ba908cb4-9116-4cf9-abe6-694ad75b70d3",
"href": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3",
"created-by": "system"
}PUT /api/v2/lcm/machine_credentials/{id}
Updates an existing machine credential record by ID.
Path arguments: id: A Machine Credential ID.
Returns the updated Machine Credential object.
Example:
Input:
{
"become-user":null,
"become-mode":"sudo",
"name":"my cluster creds",
"use-ssh-keys":false,
"comment":null,
"login-user":"janedoe",
"id":"ba908cb4-9116-4cf9-abe6-694ad75b70d3",
"created-by":"system",
"login-password":"blah",
"become-password":"blah",
"ssh-private-key":null,
"ssh-unlock":null
} curl -X PUT -d '<example input>' http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3Output:
{
"become-user": null,
"become-mode": "sudo",
"created-on": "2016-06-20T21:00:41.405Z",
"type": "machine-credential",
"related-resources": {
"datacenters": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/datacenters/",
"nodes": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/nodes/",
"clusters": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/clusters/"
},
"modified-by": "system",
"modified-on": "2016-06-20T21:09:08.308Z",
"name": "my cluster creds",
"use-ssh-keys": false,
"comment": null,
"login-user": "janedoe",
"id": "ba908cb4-9116-4cf9-abe6-694ad75b70d3",
"href": "http://localhost:8888/api/v2/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3",
"created-by": "system"
}DELETE /api/v2/lcm/machine_credentials/{id}
Deletes an existing machine credential record by ID. This is subject to foreign key constraint violations.
Path arguments: id: A Machine Credential ID.
Returns the IDs of the deleted objects.
Example:
curl -X DELETE http://localhost:8888/api/v2/lcm/machine_credentials/5d756e26-4e49-41bc-8d5a-0e5c1dbfdc98Output:
{"deleted": {"machine-credential": ["ba908cb4-9116-4cf9-abe6-694ad75b70d3"]}}