华为云用户手册

通用计算增强型C2 表2 C2型弹性云服务器的规格 规格名称 vCPU 内存（GiB） 最大带宽/基准带宽 最大收发包能力 虚拟化类型 c2.medium 1 2 低 低 XEN c2.large 2 4 低 低 XEN c2.xlarge 4 8 中 中 XEN c2.2xlarge 8 16 中 中 XEN c2.4xlarge 16 32 中 中 XEN c2.8xlarge 32 64 中 中 XEN

H1型云服务器使用须知 H1型弹性云服务器不支持网卡热插拔。 H1型弹性云服务器仅支持同类型云服务器的规格变更。 H1型弹性云服务器当前支持如下版本的操作系统： CentOS 6.8 64bit CentOS 7.2 64bit CentOS 7.3 64bit Windows Server 2008 Windows Server 2012 Windows Server 2016 SUSE Enterprise Linux Server 11 SP3 64bit SUSE Enterprise Linux Server 11 SP4 64bit SUSE Enterprise Linux Server 12 SP1 64bit SUSE Enterprise Linux Server 12 SP2 64bit Red Hat Enterprise Linux 6.8 64bit Red Hat Enterprise Linux 7.3 64bit H1型弹性云服务器主网卡和扩展网卡的使用场景如表12所示。 表12 H1型弹性云服务器网卡的使用场景 网卡类型 使用场景 配置说明 主网卡 用于南北向的三层通信 - 扩展网卡 用于东西向的二层通信 为了提高网络性能，可以将扩展网卡的MTU值设置为MTU=8888。

通用计算型S1 表1 S1型弹性云服务器的规格 规格名称 vCPU 内存（GiB） 最大带宽/基准带宽 最大收发包能力 虚拟化类型 s1.medium 1 4 低 低 XEN s1.large 2 8 低 低 XEN s1.xlarge 4 16 中 中 XEN s1.2xlarge 8 32 中 中 XEN s1.4xlarge 16 64 中 中 XEN s1.8xlarge 32 128 中 中 XEN

快速入门 以下教程将引导您了解并使用QingTian Enclave特性，包括如何启动QingTian Enclave父虚拟机，如何构建QingTian Enclave镜像文件，如何查询正在运行的QingTian Enclave，以及停止QingTian Enclave。 准备一台支持QingTian Enclave特性的虚拟机实例 在购买虚拟机时，您需要在高级选项中勾选Enclave，并选择Linux作为系统镜像。建议使用HCE2.0镜像。 连接到父虚拟机，请参考华为云ECS用户指南。 在父虚拟机中安装qt CLI工具，并在配置文件中按需设置资源隔离参数，然后启动资源隔离服务。详情请见QingTian CLI（qt CLI）。 您可以安装qt CLI工具和其他必要rpm包： yum install qt-enclave-bootstrap yum install virtio-qtbox yum install qingtian-tool 在配置文件中按需配置隔离参数，本教程内使用默认1G内存，2个vCPU。然后启动隔离服务： systemctl start qt-enclave-env 在父虚拟机中安装Docker程序，我们推荐使用二进制的方式进行Docker安装，可以在Docker官方网站下载需要版本。这里以18.09.9为例： wget https://download.docker.com/linux/static/stable/x86_64/docker-18.09.9.tgz 对下载的压缩包进行解压操作： tar zxf docker-18.09.9.tgz 解压完成后将docker目录下所有文件复制到/usr/bin目录下： cp docker/* /usr/bin 启动docker服务，并将日志等级设置为error等级： dockerd -l error & 验证Docker版本： docker version 运行hello-world容器，查看Docker是否安装正确： docker run hello-world 构建QingTian Enclave镜像 本教程中，使用以下脚本作为QingTian Enclave应用程序: #!/bin/bash while true do echo "hello enclave!" sleep 2 done Dockerfile内容如下: FROM ubuntu:latest COPY hello_enclave.sh /root/hello_enclave.sh CMD ["/root/hello_enclave.sh"] 构建一个名为hello-enclave的Docker镜像: docker build -f Dockerfile -t hello-enclave . 使用qt enclave make-img命令将Docker镜像转换为名为hello-enclave.eif的QingTian Enclave镜像： qt enclave make-img --docker-uri hello-enclave --eif hello-enclave.eif 输出为： # qt enclave make-img --docker-uri hello-enclave --eif hello-enclave.eif { "digest": "SHA384", "PCR0": "63bf78ece7d2388ff773d0cad2ebc9a3070359db46d567ba271ff8adfb8b0b091be4ff4d5dda3f1c83109096e3656f3b", "PCR8": "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" } 现在已经构建了名为hello-enclave.eif的QingTian Enclave镜像，命令包含了一系列PCR值，包括PCR0和PCR8（该例子中制作镜像时并没有指定证书和密钥，所以PCR8为0）。这些哈希值是在Enclave镜像构建时产生的测量值，它们通常作为预期的测量值（相对于证明文档中所包含的启动时测量值而言）。 运行QingTian Enclave实例 现在可以使用以下命令来运行QingTian Enclave镜像: qt enclave start --mem 1024 --cpus 2 --eif hello-enclave.eif --cid 4 --debug-mode 该实例运行在debug-mode，关于debug-mode详情可见qt enclave子命令介绍。 您会看到以下输出： # qt enclave start --cpus 2 --mem 1024 --eif hello-enclave.eif --cid 4 --debug-mode Started enclave with EnclaveID : 0, EnclaveCID : 4, NumberOfCPUs : 2, MemoryMiB : 1024 { "EnclaveID": 0, "EnclaveCID": 4, "NumberOfCPUs": 2, "MemoryMiB": 1024, "LaunchMode": "debug" } 在该教程中，我们为该QingTian Enclave实例分配了2个vCPU和1024M内存，并指定其cid为4，该cid可作为QingTian Enclave实例与父虚拟机实例之间的本地套接字的IP地址。 查询正在运行的QingTian Enclave 按以上步骤创建完QingTian Enclave实例后，可以以下命令查询他是否在运行: qt enclave query --enclave-id 0 # qt enclave query --enclave-id 0 [{ "EnclaveID": 0, "ProcessID": 29990, "EnclaveCID": 4, "NumberOfCPUs": 2, "MemoryMiB": 1024, "LaunchMode": "debug" }] 该命令可以用于查询QingTian Enclave相关信息，包括EnclaveID、ProcessID、EnclaveCID、vCPU数量、内存数量以及其运行模式。因为该实例是以debug模式启动的，所以可以用qt enclave console 命令查看QingTian Enclave的只读控制台输出。 hello enclave! hello enclave! hello enclave! hello enclave! 您将观察到终端每隔2秒打印一次hello enclave!。 停止正在运行的QingTian Enclave实例 如果您想停止运行以上的QingTian Enclave实例，可以使用以下命令： # qt enclave stop --enclave-id 0 stop enclave 0 successfully { "EnclaveID": 0 } 父主题： QingTian Enclave管理

QingTian Enclave SDK QingTian Enclave SDK由一系列开源库组成，以便您开发自己的QingTian Enclave应用程序。其中包括QingTian安全模块（QingTian Security Module，QTSM）提供的qtsm-lib函数库。此外，SDK集成了KMS接口，该接口内置了获取证明文档及调用华为云KMS相关服务的功能。在典型使用案例里，我们描述了在QingTian Enclave调用KMS解密接口的实例。 表1 接口介绍 类型 接口 接口描述 libqtsm接口 qtsm_describe_pcr 查询指定index的PCR数据信息 qtsm_extend_pcr 扩展指定index对应的PCR值 qtsm_lock_pcr 锁定指定index的PCR数据信息 qtsm_lock_pcrs 批量锁定指定index对应的PCR值 qtsm_get_describe 获取qtsm信息 qtsm_get_attestation 获取Attestation Doc qtsm_get_random 获取硬件随机数 KMS接口 kms_generate_datakey_blocking 生成新的密钥对，获取公钥与私钥 kms_generate_datakey_blocking_with_proxy 集成qtproxy代理的密钥对获取接口 kms_gen_random_blocking 获取随机数 kms_gen_random_blocking_with_proxy 集成qtproxy代理的随机数获取接口 kms_decrypt_data_blocking 解密数据 kms_decrypt_data_blocking_with_proxy 集成qtproxy代理的解密数据接口 源码可以在开源仓库https://gitee.com/HuaweiCloudDeveloper/huawei-qingtian/tree/master/enclave免费获取，您可以基于测试示例开发自己的QingTian Enclave应用程序。

libqtsm与SDK使用示例 本节主要基于开源示例代码来介绍如何在QingTian Enclave应用程序中使用libqtsm与SDK接口。本节中提供的示例程序只支持在Linux环境下运行。 安装libqtsm开发包： yum install libqtsm-devel 获取开源示例代码，拷贝至enclave镜像创建环境中，地址如下： https://gitee.com/HuaweiCloudDeveloper/huawei-qingtian/tree/master/enclave/qtsm 创建一个Dockerfile文件，内容如下： # start the Docker image from ubuntu FROM ubuntu AS base-img WORKDIR /home/builder # COPY libqtsm example COPY ./qtsm qtsm_tests/ # install relative dependencies RUN apt-get update && \ apt-get install gcc -y && \ apt-get install make -y && \ apt-get install libssl-dev -y && \ apt-get install libglib2.0-dev -y && \ apt-get install curl -y && \ apt-get install libcurl4-openssl-dev –y && \ apt-get install -y libcbor-dev && \ apt-get install -y libjson-c-dev # build a test demo RUN cd qtsm_tests/tests/ && \ make RUN cp /home/builder/qtsm_tests/tests/gtest_libqtsm /root/ # Launch a client CMD "/root/gtest_libqtsm" 构建docker镜像，将docker镜像装换为enclave镜像并启动enclave。 获取SDK接口的开源示例代码，地址如下： https://gitee.com/HuaweiCloudDeveloper/huawei-qingtian/tree/master/enclave/qtsm-sdk-c/samples

相关操作 当不再使用虚拟IP时，可以删除虚拟IP地址，详细内容，请参考删除虚拟IP地址。 弹性云服务器的网卡解绑并删除虚拟IP地址后，需要在弹性云服务器上手工删除虚拟IP地址。 Linux系统（本文以“CentOS 7.2 64bit”为例，其他规格请参考对应官网帮助文档） 执行以下命令，查看并记录需要删除虚拟IP的网卡及对应连接。 nmcli connection 回显类似如下信息： 本示例的回显信息说明如下： DEVICE列的eth0为需要删除虚拟IP的网卡。 NAME列的Wired connection 1为网卡对应的连接。 执行以下命令，在目标连接中删除虚拟IP。 nmcli connection delete "CONNECTION" ipv4.addresses VIP 参数说明如下： CONNECTION：为步骤1中查到的网卡对应的连接。 VIP：待删除的虚拟IP地址。 执行以下命令，使配置生效。 nmcli connection up "CONNECTION" 命令示例： nmcli connection up "Wired connection 1" 执行以下命令，检查虚拟IP配置是否成功。 ip a 可以看到eth0网卡下已经不存在添加的虚拟IP地址。

系统PCR PCR 度量内容 备注 PCR0 QingTian Enclave镜像文件 QingTian Enclave镜像文件本身，不包括证书与签名信息 PCR8 QingTian Enclave镜像文件签名证书 QingTian Enclave镜像文件的签名证书 当前QingTian Enclave提供的度量值支持PCR0和PCR8，后续会进行扩展。 PCR0是对QingTian Enclave镜像文件的度量值，在镜像制作完成时，PCR0的值就是确定的。以下是PCR0实例： EXTEND_PCR: index: 0 EXTEND_PCR: data: 0d1ae7330f437ee563178df30a7c7b7634125d31cac14f6784933db5e90080008438b38fdbb39c886ffe0586ab099b56 EXTEND_PCR res: data: b8c59692da8a5bcb739a83d15a0ceca670bd78da06cb2250ec70548f72254e674419e9888db9c0364a9b88dd58017a62 PCR8是对QingTian Enclave镜像文件的签名证书的度量值，用户可以选择用自己的证书和私钥对镜像文件进行签名。只有当镜像文件使用了签名证书和私钥进行签名，才会有对应的PCR8。使用PCR8可以确认是镜像是通过特定的签名证书来进行签名的，即使镜像文件改变，只要指定的签名证书不变，PCR8就不会变化。以下是PCR8实例： EXTEND_PCR: index: 8 EXTEND_PCR: data: c5b3e075e00c261e7fc364f1541067b2a42d4b793225ab10e5cfb8eaca31b3d598af9dd2e491828c2569a9953401abcb EXTEND_PCR res: data: 4f8b066ce5ac24150612ba9a55bbb9211f626152ada40ede160f4d7ecbfa214c2a549181f6611a3d16a12ec88a577a01

构建QingTian Enclave镜像 在开发人员开发完成一个QingTian Enclave应用程序后，还需要在一个可信赖的环境中构建QingTian Enclave镜像文件（.eif）。该镜像文件提供了启动QingTian Enclave实例所需要的所有信息，包括应用程序代码、运行时依赖、操作系统和文件系统等。在本节我们将说明如何创建QingTian Enclave镜像文件。 制作docker源镜像 用户将开发好的enclave应用程序及其相关的执行环境打包成docker镜像。详情可见Linux系统上QingTian Enclave应用的开发。 获取镜像库中的镜像 本章将使用docker仓中提供的ubuntu镜像为例。从docker中获取镜像源（虚拟机内需要配置网络才可查询）。查询镜像源命令： docker search ubuntu 将ubuntu镜像pull到本地： docker pull ubuntu 镜像pull到本地后可以通过以下命令查询到: docker image ls 如果您使用本地docker镜像，可以直接进行步骤3镜像转换。 镜像转换 接下来，您需要将docker镜像转换为QingTian Enclave镜像，转换前可以通过（openssl或其他工具）创建私钥（private-key.pem）和证书（server.pem）。生成私钥和证书为可选项。*qt make-img*命令中的必要参数为docker源镜像和创建后生成的QingTian Enclave目标镜像。 # qt enclave make-img --docker-uri ubuntu --eif /home/docker/ubuntu.eif -- private-key /home/docker/private-key.pem--signing-certificate /home/docker/server.pem { "digest": "SHA384", "PCR0": "b8c59692da8a5bcb739a83d15a0ceca670bd78da06cb2250ec70548f72254e674419e9888db9c0364a9b88dd58017a62" "PCR8": "dbf4a7f9fab7f18619b5899c407081981ad6762fb9a809da78548821b5021965423181584acd7b201703376f1133a546" } 至此，QingTian Enclave可用的EIF镜像已制作完成。您会获得一组散列PCR0和PCR8，这些散列值用作预期的Enclave度量值，它们可用于IAM授权策略中的条件键，以实现对KMS API的条件访问控制。详情可见PCR简介。 父主题： 典型使用案例

响应消息 响应参数 响应参数如表2所示。 表2 响应参数 参数 参数类型 描述 volumeAttachments Array of objects 云服务器挂载信息列表，详情请参见表3。 表3 volumeAttachments字段数据结构说明 参数 参数类型 描述 device String 挂载目录。 id String 挂载资源ID。 serverId String 所属云服务器ID。 volumeId String 挂载云磁盘ID。

响应示例 { "volumeAttachments": [ { "device": "/dev/sdd", "id": "a26887c6-c47b-4654-abb5-dfadf7d3f803", "serverId": "4d8c3732-a248-40ed-bebc-539a6ffd25c0", "volumeId": "a26887c6-c47b-4654-abb5-dfadf7d3f803" }, { "device": "/dev/sdc", "id": "a26887c6-c47b-4654-abb5-dfadf7d3f804", "serverId": "4d8c3732-a248-40ed-bebc-539a6ffd25c0", "volumeId": "a26887c6-c47b-4654-abb5-dfadf7d3f804" } ] }

请求示例 批量删除指定云服务器的2组标签。 POST https://{endpoint}/v1/{project_id}/cloudservers/{server_id}/tags/action { "action": "delete", "tags": [ { "key": "key1", "value": "value1" }, { "key": "key2", "value": "value3" } ] }

请求消息 请求参数如表2所示。 表2 请求参数 参数 是否必选 参数类型 描述 tags 是 Array of objects 标签列表，详情参见表3 action 是 String 操作标识（仅支持小写）：delete（删除） 表3 tags 字段数据结构说明 参数 是否必选 参数类型 描述 key 是 String 键。 不能为空。 同一资源的key值不能重复。 value 否 String 值。 可以为空字符串。

下载OBS Browser+ 针对不同操作系统，OBS Browser+下载地址如表1所示。 表1 下载列表 支持平台 下载地址 Windows x32 OBSBrowserPlus-win32 OBSBrowserPlus-win32_sha256 Windows x64 OBSBrowserPlus-win64 OBSBrowserPlus-win64_sha256 Mac OBSBrowserPlus-Mac OBSBrowserPlus-Mac_sha256 OBS Browser+软件包下载地址是不带sha256后缀结尾的链接，带sha256后缀结尾的下载链接仅为对应软件包的完整性校验文件。例如：Windows x64版本的下载链接是OBSBrowserPlus-win64，它的校验文件下载链接则是OBSBrowserPlus-win64_sha256。 OBS Browser+最新版本将不支持Windows 7, Windows 8 和 Windows 8.1等旧版本的Windows，旧版Windows请使用OBSBrowserPlus_3.22.11-win64版本或OBSBrowserPlus_3.22.11-win32版本，并且3.22.11版本后续不再维护。

Java 接受云硬盘过户：使用云硬盘过户的身份认证密钥接受云硬盘过户。 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.evs.v2.region.EvsRegion; import com.huaweicloud.sdk.evs.v2.*; import com.huaweicloud.sdk.evs.v2.model.*; public class CinderAcceptVolumeTransferSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); EvsClient client = EvsClient.newBuilder() .withCredential(auth) .withRegion(EvsRegion.valueOf("cn-north-4")) .build(); CinderAcceptVolumeTransferRequest request = new CinderAcceptVolumeTransferRequest(); CinderAcceptVolumeTransferRequestBody body = new CinderAcceptVolumeTransferRequestBody(); CinderAcceptVolumeTransferOption acceptbody = new CinderAcceptVolumeTransferOption(); acceptbody.withAuthKey("9266c59563c84664"); body.withAccept(acceptbody); request.withBody(body); try { CinderAcceptVolumeTransferResponse response = client.cinderAcceptVolumeTransfer(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }

Python 接受云硬盘过户：使用云硬盘过户的身份认证密钥接受云硬盘过户。 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 # coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkevs.v2.region.evs_region import EvsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkevs.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.getenv("CLOUD_SDK_AK") sk = os.getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = EvsClient.new_builder() \ .with_credentials(credentials) \ .with_region(EvsRegion.value_of("cn-north-4")) \ .build() try: request = CinderAcceptVolumeTransferRequest() acceptbody = CinderAcceptVolumeTransferOption( auth_key="9266c59563c84664" ) request.body = CinderAcceptVolumeTransferRequestBody( accept=acceptbody ) response = client.cinder_accept_volume_transfer(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)

Go 接受云硬盘过户：使用云硬盘过户的身份认证密钥接受云硬盘过户。 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" evs "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := evs.NewEvsClient( evs.EvsClientBuilder(). WithRegion(region.ValueOf("cn-north-4")). WithCredential(auth). Build()) request := &model.CinderAcceptVolumeTransferRequest{} acceptbody := &model.CinderAcceptVolumeTransferOption{ AuthKey: "9266c59563c84664", } request.Body = &model.CinderAcceptVolumeTransferRequestBody{ Accept: acceptbody, } response, err := client.CinderAcceptVolumeTransfer(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } }

Python 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 # coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkevs.v2.region.evs_region import EvsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkevs.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.getenv("CLOUD_SDK_AK") sk = os.getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = EvsClient.new_builder() \ .with_credentials(credentials) \ .with_region(EvsRegion.value_of("cn-north-4")) \ .build() try: request = ShowSnapshotRequest() response = client.show_snapshot(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)

Go 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" evs "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := evs.NewEvsClient( evs.EvsClientBuilder(). WithRegion(region.ValueOf("cn-north-4")). WithCredential(auth). Build()) request := &model.ShowSnapshotRequest{} response, err := client.ShowSnapshot(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } }

Java 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.evs.v2.region.EvsRegion; import com.huaweicloud.sdk.evs.v2.*; import com.huaweicloud.sdk.evs.v2.model.*; public class ShowSnapshotSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); EvsClient client = EvsClient.newBuilder() .withCredential(auth) .withRegion(EvsRegion.valueOf("cn-north-4")) .build(); ShowSnapshotRequest request = new ShowSnapshotRequest(); try { ShowSnapshotResponse response = client.showSnapshot(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }

Python 创建一个云硬盘快照，当源云硬盘处于挂载状态时，不能强制创建快照。 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 # coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkevs.v2.region.evs_region import EvsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkevs.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.getenv("CLOUD_SDK_AK") sk = os.getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = EvsClient.new_builder() \ .with_credentials(credentials) \ .with_region(EvsRegion.value_of("cn-north-4")) \ .build() try: request = CreateSnapshotRequest() listMetadataSnapshot = { "key_string": "value_string" } snapshotbody = CreateSnapshotOption( volume_id="5aa119a8-d25b-45a7-8d1b-88e127885635", force=False, metadata=listMetadataSnapshot, description="Daily backup", name="snap-001" ) request.body = CreateSnapshotRequestBody( snapshot=snapshotbody ) response = client.create_snapshot(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)

Go 创建一个云硬盘快照，当源云硬盘处于挂载状态时，不能强制创建快照。 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" evs "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := evs.NewEvsClient( evs.EvsClientBuilder(). WithRegion(region.ValueOf("cn-north-4")). WithCredential(auth). Build()) request := &model.CreateSnapshotRequest{} var listMetadataSnapshot = map[string]string{ "key_string": "value_string", } forceSnapshot:= false descriptionSnapshot:= "Daily backup" nameSnapshot:= "snap-001" snapshotbody := &model.CreateSnapshotOption{ VolumeId: "5aa119a8-d25b-45a7-8d1b-88e127885635", Force: &forceSnapshot, Metadata: listMetadataSnapshot, Description: &descriptionSnapshot, Name: &nameSnapshot, } request.Body = &model.CreateSnapshotRequestBody{ Snapshot: snapshotbody, } response, err := client.CreateSnapshot(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } }

Python 删除一个指定云硬盘的两个标签，一个标签key为key1，另一个标签key为key2。 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 # coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkevs.v2.region.evs_region import EvsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkevs.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.getenv("CLOUD_SDK_AK") sk = os.getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = EvsClient.new_builder() \ .with_credentials(credentials) \ .with_region(EvsRegion.value_of("cn-north-4")) \ .build() try: request = BatchDeleteVolumeTagsRequest() listTagsbody = [ DeleteTagsOption( key="key1" ), DeleteTagsOption( key="key2" ) ] request.body = BatchDeleteVolumeTagsRequestBody( tags=listTagsbody, action="delete" ) response = client.batch_delete_volume_tags(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)

Go 删除一个指定云硬盘的两个标签，一个标签key为key1，另一个标签key为key2。 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" evs "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := evs.NewEvsClient( evs.EvsClientBuilder(). WithRegion(region.ValueOf("cn-north-4")). WithCredential(auth). Build()) request := &model.BatchDeleteVolumeTagsRequest{} var listTagsbody = []model.DeleteTagsOption{ { Key: "key1", }, { Key: "key2", }, } request.Body = &model.BatchDeleteVolumeTagsRequestBody{ Tags: listTagsbody, Action: model.GetBatchDeleteVolumeTagsRequestBodyActionEnum().DELETE, } response, err := client.BatchDeleteVolumeTags(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } }

Python 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 # coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkevs.v2.region.evs_region import EvsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkevs.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.getenv("CLOUD_SDK_AK") sk = os.getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = EvsClient.new_builder() \ .with_credentials(credentials) \ .with_region(EvsRegion.value_of("cn-north-4")) \ .build() try: request = ShowVolumeRequest() response = client.show_volume(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)

Go 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" evs "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := evs.NewEvsClient( evs.EvsClientBuilder(). WithRegion(region.ValueOf("cn-north-4")). WithCredential(auth). Build()) request := &model.ShowVolumeRequest{} response, err := client.ShowVolume(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } }

Java 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.evs.v2.region.EvsRegion; import com.huaweicloud.sdk.evs.v2.*; import com.huaweicloud.sdk.evs.v2.model.*; public class ShowVolumeSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); EvsClient client = EvsClient.newBuilder() .withCredential(auth) .withRegion(EvsRegion.valueOf("cn-north-4")) .build(); ShowVolumeRequest request = new ShowVolumeRequest(); try { ShowVolumeResponse response = client.showVolume(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }

Go 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" evs "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/evs/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). Build() client := evs.NewEvsClient( evs.EvsClientBuilder(). WithRegion(region.ValueOf("cn-north-4")). WithCredential(auth). Build()) request := &model.ListVolumeTagsRequest{} response, err := client.ListVolumeTags(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } }

Python 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 # coding: utf-8 from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkevs.v2.region.evs_region import EvsRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkevs.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.getenv("CLOUD_SDK_AK") sk = os.getenv("CLOUD_SDK_SK") credentials = BasicCredentials(ak, sk) \ client = EvsClient.new_builder() \ .with_credentials(credentials) \ .with_region(EvsRegion.value_of("cn-north-4")) \ .build() try: request = ListVolumeTagsRequest() response = client.list_volume_tags(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg)

Java 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.evs.v2.region.EvsRegion; import com.huaweicloud.sdk.evs.v2.*; import com.huaweicloud.sdk.evs.v2.model.*; public class ListVolumeTagsSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); ICredential auth = new BasicCredentials() .withAk(ak) .withSk(sk); EvsClient client = EvsClient.newBuilder() .withCredential(auth) .withRegion(EvsRegion.valueOf("cn-north-4")) .build(); ListVolumeTagsRequest request = new ListVolumeTagsRequest(); try { ListVolumeTagsResponse response = client.listVolumeTags(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } }