예제 #1
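    def create_credentials():
        """
        Create PKI credentials for TLS access to libvirtd.

        Credentials are not signed by the host CA. This only allows
        unverified access but removes the need to transfer files
        between the host and the guest.

        A throwaway CA and a ``client`` key pair are generated in a
        temporary directory and then copied to the fixed system paths
        used below: ``/etc/pki/CA/cacert.pem``,
        ``/etc/pki/libvirt/private/clientkey.pem`` and
        ``/etc/pki/libvirt/clientcert.pem``. The temporary directory is
        removed whether or not the installation succeeds.

        Security note: since the CA is generated here rather than being
        the host's CA, a connection made with these credentials is
        unverified (as stated above) and gives no assurance about which
        endpoint is being talked to. Existing files at the destination
        paths are overwritten by the copies.
        """
        # mkdtemp() creates the directory readable only by the current
        # user, so the freshly generated private key is not exposed
        # while it sits in the staging directory.
        path = FilePath(tempfile.mkdtemp())
        try:
            ca = RootCredential.initialize(path, b"mycluster")
            NodeCredential.initialize(path, ca, uuid='client')

            ca_dir = FilePath('/etc/pki/CA')
            if not ca_dir.exists():
                ca_dir.makedirs()
            path.child(AUTHORITY_CERTIFICATE_FILENAME).copyTo(
                ca_dir.child('cacert.pem')
            )

            client_key_dir = FilePath('/etc/pki/libvirt/private')
            if not client_key_dir.exists():
                client_key_dir.makedirs()
            # ``0o700`` is accepted by Python 2.6+ and Python 3; the
            # bare ``0700`` spelling is a syntax error on Python 3.
            # The directory is locked down *before* the key is copied in.
            client_key_dir.chmod(0o700)
            client_key = client_key_dir.child('clientkey.pem')
            path.child('client.key').copyTo(client_key)
            # Do not rely on the mode the copy happened to be created
            # with: restrict the private key to its owner explicitly.
            client_key.chmod(0o600)
            path.child('client.crt').copyTo(
                FilePath('/etc/pki/libvirt/clientcert.pem')
            )
        finally:
            # Always discard the staging copy of the CA and client keys.
            path.remove()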
예제 #2
    def create_credentials(path):
        """
        Create PKI credentials for TLS access to libvirtd.

        Credentials are not signed by the host CA. This only allows
        unverified access but removes the need to transfer files
        between the host and the guest.

        A CA and a ``client`` key pair are generated inside ``path`` and
        then renamed in place to ``cacert.pem``, ``clientkey.pem`` and
        ``clientcert.pem``.

        :param path: Directory object (it must provide ``child()``) that
            receives the generated files.
        """
        # NOTE(review): the client private key stays in ``path`` as
        # ``clientkey.pem`` and no permissions are set here -- confirm
        # the caller supplies a directory that only the intended user
        # can read.
        authority = RootCredential.initialize(path, b"CA")
        authority_cert = path.child(AUTHORITY_CERTIFICATE_FILENAME)
        NodeCredential.initialize(path, authority, uuid='client')

        # Files must have specific names in the pkipath directory, so
        # each generated file is moved to the name expected there.
        renames = (
            (authority_cert, 'cacert.pem'),
            (path.child('client.key'), 'clientkey.pem'),
            (path.child('client.crt'), 'clientcert.pem'),
        )
        for generated, required_name in renames:
            generated.moveTo(path.child(required_name))
예제 #3
    def create_credentials(path):
        """
        Create PKI credentials for TLS access to libvirtd.

        Credentials are not signed by the host CA. This only allows
        unverified access but removes the need to transfer files
        between the host and the guest.

        The CA certificate, client key and client certificate are
        generated in ``path`` and renamed there to ``cacert.pem``,
        ``clientkey.pem`` and ``clientcert.pem`` respectively.

        :param path: Directory object (it must provide ``child()``) in
            which the credentials are created.
        """
        # NOTE(review): nothing here restricts access to ``path``; the
        # private key ends up in it as ``clientkey.pem``, so verify that
        # the caller passes a directory with suitably tight permissions.

        def install(generated, required_name):
            # Rename a generated file to the name required in pkipath.
            generated.moveTo(path.child(required_name))

        # Create CA and client key pairs
        root = RootCredential.initialize(path, b"CA")
        root_cert = path.child(AUTHORITY_CERTIFICATE_FILENAME)
        NodeCredential.initialize(path, root, uuid='client')

        # Files must have specific names in the pkipath directory
        install(root_cert, 'cacert.pem')
        install(path.child('client.key'), 'clientkey.pem')
        install(path.child('client.crt'), 'clientcert.pem')