Machine Credentials

Machine Credentials contain the necessary information for logging into remote hosts as well as how to escalate privileges (sudo/su).

Managing Machine Credentials URL
Get a machine credential object by ID GET /api/v1/lcm/machine_credentials/{id}
Get a list of machine credentials GET /api/v1/lcm/machine_credentials/
Create a machine credential POST /api/v1/lcm/machine_credentials/
Update a machine credential PUT /api/v1/lcm/machine_credentials/{id}
Delete a machine credential DELETE /api/v1/lcm/repositories/{id}

Managing Machine Credentials

Machine Credential
{
    "id": <value>,
    "name": <value>,
    "login-name": <value>,
    "login-password": <value>,
    "ssh-private-key": <value>,
    "ssh-unlock": <value>
    "become-mode": <value>,
    "become-user": <value>,
    "become-password": <value>,
    "use-ssh-keys": <value>,
    "comment": <value>
}
Property Description of Values
id A UUID for the Machine Credential.
name A human-readable name for the credential. Required.
login-name The username that will be used to log in to target nodes over SSH. Required.
login-password The password that will be used to log in to target nodes over SSH, if using password authentication.
ssh-private-key The private-key that will be used to log in to target nodes over SSH, if using key-based authentication. Must be in OpenSSH format, which is commonly used when creating keys with OpenSSH’s ssh-keygen tool.
ssh-unlock The ssh passphrase required to unlock the key, if the private key requires one.
become-mode The privilege-escalation mechanism to obtain super-user privileges on target nodes. Can be sudo, su, or direct (if login-name already has super-user privs). Defaults to direct.
become-user The name of the super-user on target nodes whose privileges will be assumed. Required if become-mode is sudo or su. Defaults to root.
become-password The password that will be used in response to sudo or su prompts on target nodes. Required if the become-mode is sudo or su and the target node prompts for passwords.
use-ssh-keys Ignored. Optional.
comment A comment that describes the credential. Optional.

Note that, for security reasons, passwords and other sensitive fields are not returned in response objects.

GET /api/v1/lcm/machine_credentials/{id}

Gets a specific machine credentials record by ID.

Path arguments:id – A Machine Credential ID.

Returns a Machine Credential object.

Example:

curl http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3

Output:

{

    "become-user": null,
    "become-mode": "sudo",
    "created-on": "2016-06-20T21:00:41.405Z",
    "type": "machine-credential",
    "related-resources": {
        "datacenters": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/datacenters/",
        "nodes": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/nodes/",
        "clusters": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/clusters/"
    },
    "modified-by": "system",
    "modified-on": "2016-06-20T21:00:41.405Z",
    "name": "my cluster creds",
    "use-ssh-keys": false,
    "comment": null,
    "login-user": "johndoe",
    "id": "ba908cb4-9116-4cf9-abe6-694ad75b70d3",
    "href": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3",
    "created-by": "system"

}
GET /api/v1/lcm/machine_credentials/

Gets a paginated list of all Machine Credential records. See Paginated Results for an overview of the query string parameters that can be used.

Example:

curl http://localhost:8888/api/v1/lcm/machine_credentials/

Output:

{
    "next": null,
    "previous": null,
    "last": 1,
    "count": 1,
    "per-page": 50,
    "current": 1,
    "results": [
        {
            "created-on": "2016-06-20T21:00:41.405Z",
            "type": "machine-credential",
            "related-resources": {
                "datacenters": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/datacenters/",
                "nodes": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/nodes/",
                "clusters": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/clusters/"
            },
            "modified-on": "2016-06-20T21:00:41.405Z",
            "name": "my cluster creds",
            "login-user": "johndoe",
            "id": "ba908cb4-9116-4cf9-abe6-694ad75b70d3",
            "href": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3"
        }
    ]
}
POST /api/v1/lcm/machine_credentials/

Creates a new machine credential object.

Body:A Machine Credential object (with no ID property).

Returns the newly created Machine Credential object.

Example:

Input:

{
    "become-mode":"sudo",
    "use-ssh-keys":false,
    "name":"my cluster creds",
    "login-user":"johndoe",
    "login-password":"foo",
    "become-password":"foo",
    "ssh-private-key":null,
    "ssh-unlock":null,
    "become-user":null
}
curl -X POST -d '<example input>' http://localhost:8888/api/v1/lcm/machine_credentials/

Output:

{
    "become-user": null,
    "become-mode": "sudo",
    "created-on": "2016-06-20T21:00:41.405Z",
    "type": "machine-credential",
    "related-resources": {
        "datacenters": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/datacenters/",
        "nodes": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/nodes/",
        "clusters": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/clusters/"
    },
    "modified-by": "system",
    "modified-on": "2016-06-20T21:00:41.405Z",
    "name": "my cluster creds",
    "use-ssh-keys": false,
    "comment": null,
    "login-user": "johndoe",
    "id":
    "ba908cb4-9116-4cf9-abe6-694ad75b70d3",
    "href": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3",
    "created-by": "system"
}
PUT /api/v1/lcm/machine_credentials/{id}

Update an existing machine credential record by ID.

Path arguments:id – A Machine Credential ID.

Returns the updated Machine Credential object.

Example:

Input:

{
    "become-user":null,
    "become-mode":"sudo",
    "name":"my cluster creds",
    "use-ssh-keys":false,
    "comment":null,
    "login-user":"janedoe",
    "id":"ba908cb4-9116-4cf9-abe6-694ad75b70d3",
    "created-by":"system",
    "login-password":"blah",
    "become-password":"blah",
    "ssh-private-key":null,
    "ssh-unlock":null
}
curl -X PUT -d '<example input>' http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3

Output:

{
    "become-user": null,
    "become-mode": "sudo",
    "created-on": "2016-06-20T21:00:41.405Z",
    "type": "machine-credential",
    "related-resources": {
        "datacenters": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/datacenters/",
        "nodes": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/nodes/",
        "clusters": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3/clusters/"
    },
    "modified-by": "system",
    "modified-on": "2016-06-20T21:09:08.308Z",
    "name": "my cluster creds",
    "use-ssh-keys": false,
    "comment": null,
    "login-user": "janedoe",
    "id": "ba908cb4-9116-4cf9-abe6-694ad75b70d3",
    "href": "http://localhost:8888/api/v1/lcm/machine_credentials/ba908cb4-9116-4cf9-abe6-694ad75b70d3",
    "created-by": "system"
}
DELETE /api/v1/lcm/machine_credentials/{id}

Delete an existing machine credential record by ID. This is subject to foreign key constraint violations.

Path arguments:id – A Machine Credential ID.

Returns the IDs of the deleted objects.

Example:

curl -X DELETE http://localhost:8888/api/v1/lcm/machine_credentials/5d756e26-4e49-41bc-8d5a-0e5c1dbfdc98

Output:

{"deleted": {"machine-credential": ["ba908cb4-9116-4cf9-abe6-694ad75b70d3"]}}