我正在关注这个VMware 文档。使用 REST API 时,需要提供哪些标头来对 vCenter Server 进行身份验证?
对于蟒蛇:
import requests
# https://vdc-download.vmware.com/vmwb-repository/dcr-public/1cd28284-3b72-4885-9e31-d1c6d9e26686/71ef7304-a6c9-43b3-a3cd-868b2c236c81/doc/operations/com/vmware/vcenter/vm.list-operation.html
sess = requests.post("https://XXXXXXXX/rest/com/vmware/cis/session", auth=('USERNAME', 'PASSWORD'), verify=False)
session_id = sess.json()['value']
resp = requests.get("https://XXXXXXXX/rest/vcenter/vm", verify=False, headers={
"vmware-api-session-id": session_id
})
print(u"resp.text = %s" % str(resp.text))
让我说明一下,为了从 Vcenter 获取虚拟机列表,您到底需要做什么。
首先,您需要向
https://vcsa/rest/com/vmware/cis/session
发出POST请求以获得会话ID。
然后,您使用 GET 请求到
https://vcsa/rest/vcenter/vm
,并将 HTTP 标头 vmware-api-session-id
设置为之前获取的会话 ID。
这是 PHP 中的一些示例代码:
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, "https://vcsa/rest/com/vmware/cis/session");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_USERPWD, '[email protected]' . ":" . 'password');
$out = json_decode(curl_exec($ch));
// var_dump($out);
if ($out === false) {
echo 'Curl Error: ' . curl_error($ch);
exit;
}
$sid = $out->value;
curl_setopt($ch, CURLOPT_HTTPHEADER, array("vmware-api-session-id:$sid"));
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_URL, "https://vcsa/rest/vcenter/vm");
$output = curl_exec($ch);
$vms = json_decode($output);
var_dump($vms);
curl_close($ch);
PowerShell:
$User="<username>"
$Pass="<password>"
$Auth=$User+":"+$Pass
$Encoded=[System.Text.Encoding]::UTF8.GetBytes($Auth)
$EncodedAuth=[System.Convert]::ToBase64String($Encoded)
$Headers = @{"Authorization"="Basic $($EncodedAuth)"}
$SecPass=ConvertTo-SecureString -String $Pass -AsPlainText -Force
$Cred=[System.Management.Automation.PSCredential]::new($User,$SecPass)
<# Uncomment this part if you don't have a valid trusted certificate
$strIDontCarePolicy=@"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class IDontCarePolicy : ICertificatePolicy {
public IDontCarePolicy() {}
public bool CheckValidationResult(ServicePoint sPoint, X509Certificate cert, WebRequest wRequest, int certProb) { return true; }
}
"@
Add-Type -TypeDefinition $strIDontCarePolicy -PassThru
[System.Net.ServicePointManager]::CertificatePolicy = New-Object IDontCarePolicy
#>
$initSession=Invoke-RestMethod -Uri "https://<vCenter Server>/rest/com/vmware/cis/session" -Method Post -Headers $Headers
$SessionID=$initSession.Value
请注意,VMware 在 /rest
下提供了一个现已
已弃用的 API,该 API 仅在 vSphere 7.0 Update 2 之前有效。从 vSphere 7.0 开始,在
/api
下提供了一个新 API,它使用类似的 URL与之前的 API 相同,但有些不同。而且返回的 JSON 也不同。
旧 API 的 Python 示例:
import requests
# Get session ID
response = requests.post("https://<VCENTER>/rest/com/vmware/cis/session", auth=(<USER>, <PASSWORD>))
if response.ok:
sessionId = response.json()['value']
else:
raise ValueError("Unable to retrieve a session ID.")
# Get VMs, for example
response = requests.get("https://<VCENTER>/rest/vcenter/vm", headers={"vmware-api-session-id": sessionId})
if response.ok:
print(f"VMs: {response.json()['value']}")
else:
raise ValueError("Unable to retrieve VMs.")
新 API 的 Python 示例:
import requests
# Get session ID
response = requests.post("https://<VCENTER>/api/session", auth=(<USER>, <PASSWORD>))
if response.ok:
sessionId = response.json()
else:
raise ValueError("Unable to retrieve a session ID.")
# Get VMs, for example
response = requests.get("https://<VCENTER>/api/vcenter/vm", headers={"vmware-api-session-id": sessionId})
if response.ok:
print(f"VMs: {response.json()}")
else:
raise ValueError("Unable to retrieve VMs.")
有关 API 更改的更多信息,请查看本文。
对于 .NET 客户端
//仅当您没有有效证书时忽略证书
var handler = new HttpClientHandler();
handler.ClientCertificateOptions = ClientCertificateOption.Manual;
handler.ServerCertificateCustomValidationCallback =
(httpRequestMessage, cert, cetChain, policyErrors) =>
{
return true;
};
using (var client = new HttpClient(handler))
{
var values = new Dictionary<string, string>
{
};
client.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue(
"Basic", Convert.ToBase64String(
System.Text.ASCIIEncoding.ASCII.GetBytes(
$"{"username"}:{"password"}")));
var content = new FormUrlEncodedContent(values);
//var stringContent = new StringContent(content, Encoding.UTF8, "application/x-www-form-urlencoded");
var response = await client.PostAsync("https://vcsa/rest/com/vmware/cis/session", content);
var responseString = await response.Content.ReadAsAsync<KeyValuePair<string, string>>();
client.DefaultRequestHeaders.Authorization
= new AuthenticationHeaderValue("Bearer", responseString.Value);
var vmRespone = await client.GetAsync("https://vcsa/rest/vcenter/vm");
}