Configure access and security for instances

Add a keypair

To generate a keypair, call the novaclient.v1_1.keypairs.KeypairManager.create method:

import novaclient.v1_1.client as nvclient
nova = nvclient.Client(...)
keypair_name = "staging"
keypair = nova.keypairs.create(name=keypair_name)
print(keypair.private_key)

The Python script output looks something like this:

-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA8XkaMqInSPfy0hMfWO+OZRtIgrQAbQkNcaNHmv2GN2G6xZlb\nuBRux5Xk/6SZ
ABaNPm1nRWm/ZDHnxCsFTcAl2LYOQXx3Cl2qKNY4r2di4G48GAkd\n7k5lDP2RgQatUM8npO0CD9PU
...
mmrceYYK08/lQ7JKLmVkdzdQKt77+v1oBBuHiykLfI6h1m77NRDw9r8cV\nzczYeoALifpjTPMkKS8
ECfDCuDn/vc9K1He8CRaJHf8AMLQLM3MN
-----END RSA PRIVATE KEY-----

You will typically write the private key to a file in order to use it later. The file must be readable and writeable by only the file owner; otherwise the ssh client will refuse to read the private key file. It is safest to create the file with the appropriate permissions, as shown in the following example:

import novaclient.v1_1.client as nvclient
import os
nova = nvclient.Client(...)
keypair_name = "staging"
private_key_filename = "/home/alice/id-staging"
keypair = nova.keypairs.create(name=keypair_name)
# Create a file for writing that can only be read and written by owner.
# The 0o600 mode applies only when os.open creates the file; an existing
# file keeps whatever permissions it already has.
fp = os.open(private_key_filename, os.O_WRONLY | os.O_CREAT, 0o600)
with os.fdopen(fp, 'w') as f:
    f.write(keypair.private_key)

Import a keypair

If you have already generated a keypair with the
public key located at ~/.ssh/id_rsa.pub,
pass the contents of the file to the
novaclient.v1_1.keypairs.KeypairManager.create
method to import the public key to Compute:

import novaclient.v1_1.client as nvclient
import os.path
with open(os.path.expanduser('~/.ssh/id_rsa.pub')) as f:
    public_key = f.read()
nova = nvclient.Client(...)
nova.keypairs.create('mykey', public_key)

List keypairs

To list keypairs, call the
novaclient.v1_1.keypairs.KeypairManager.list
method:

import novaclient.v1_1.client as nvclient
nova = nvclient.Client(...)
keypairs = nova.keypairs.list()

Create and manage security groups

To list security groups for the current project, call the novaclient.v1_1.security_groups.SecurityGroupManager.list method:

import novaclient.v1_1.client as nvclient
nova = nvclient.Client(...)
security_groups = nova.security_groups.list()

To create a security group with a specified name and description, call the novaclient.v1_1.security_groups.SecurityGroupManager.create method:

import novaclient.v1_1.client as nvclient
nova = nvclient.Client(...)
nova.security_groups.create(name="web", description="Web servers")

To delete a security group, call the novaclient.v1_1.security_groups.SecurityGroupManager.delete method, passing either a novaclient.v1_1.security_groups.SecurityGroup object or group ID as an argument:

import novaclient.v1_1.client as nvclient
nova = nvclient.Client(...)
group = nova.security_groups.find(name="web")
nova.security_groups.delete(group)
# The following lines would also delete the group:
# nova.security_groups.delete(group.id)
# group.delete()

Create and manage security group rules

Access the security group rules from the rules attribute of a novaclient.v1_1.security_groups.SecurityGroup object:

import novaclient.v1_1.client as nvclient
nova = nvclient.Client(...)
group = nova.security_groups.find(name="web")
print(group.rules)

To add a rule to a security group, call the novaclient.v1_1.security_group_rules.SecurityGroupRuleManager.create method:

import novaclient.v1_1.client as nvclient
nova = nvclient.Client(...)
group = nova.security_groups.find(name="web")
# Add rules for ICMP, tcp/80 and tcp/443
nova.security_group_rules.create(group.id, ip_protocol="icmp",
                                 from_port=-1, to_port=-1)
nova.security_group_rules.create(group.id, ip_protocol="tcp",
                                 from_port=80, to_port=80)
nova.security_group_rules.create(group.id, ip_protocol="tcp",
                                 from_port=443, to_port=443)
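
Added example (not part of the original guide or of python-novaclient): the private key file step under "Add a keypair" relies on the 0o600 mode passed to os.open, which has no effect when the file already exists. The code below adds O_EXCL and an owner-only permission check; the function names, the scratch file names and SAMPLE_KEY are constructed for illustration.

```python
import os
import stat
import tempfile

# Constructed placeholder standing in for keypair.private_key.
SAMPLE_KEY = "constructed placeholder key text\n"


def write_private_key(path, key_text):
    """Create path as a brand-new 0600 file and write key_text to it.

    O_EXCL makes os.open raise FileExistsError if path already exists
    (including as a symlink), so a file with looser permissions is
    never reused.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        # Set the mode explicitly so the result does not depend on umask.
        os.fchmod(f.fileno(), 0o600)
        f.write(key_text)
    return stat.S_IMODE(os.stat(path).st_mode)


def is_owner_only(path):
    """True when no group or other permission bits are set on path."""
    mode = stat.S_IMODE(os.lstat(path).st_mode)
    return mode & (stat.S_IRWXG | stat.S_IRWXO) == 0


def demo():
    """Run both cases in a scratch directory and return the results."""
    with tempfile.TemporaryDirectory() as d:
        fresh = os.path.join(d, "id-staging")
        mode = write_private_key(fresh, SAMPLE_KEY)
        # A leftover file with loose permissions: O_WRONLY | O_CREAT alone
        # would open it and leave mode 0644 in place.
        stale = os.path.join(d, "id-old")
        with open(stale, "w") as f:
            f.write("old")
        os.chmod(stale, 0o644)
        try:
            write_private_key(stale, SAMPLE_KEY)
            refused = False
        except FileExistsError:
            refused = True
        return mode, is_owner_only(fresh), is_owner_only(stale), refused


if __name__ == "__main__":
    print(demo())
```

When the target path already exists, remove or rename it deliberately before calling write_private_key rather than dropping O_EXCL.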